Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
Faroe Islands: Authority finds unnamed company in violation of Sections 7 and 12 of the data protection act
The Faroe Islands Data Protection Authority ('the Authority') announced, on 20 August 2021, that it had found an unnamed company in violation of Sections 7 and 12 of the Act No. 80 of 7 June 2020 on the Protection of Personal Data ('the Act').
Background to the case
In particular, the Authority outlined that it had investigated a company regarding potential disclosure of sensitive personal information regarding a customer on the internet.
Findings of the Authority
The Authority found that public disclosure of sensitive personal information on the internet requires special authorisation and as such the company was in violation of Section 12 of the Act. In this case, the Authority determined that the company was aware of these legal requirements. Furthermore, the Authority added that the principle of proportionality under Section 7 of the Act must also always be followed, which was violated as part of making sensitive personal information about the customer public.
Outcomes
Ultimately, the Authority decided no further action was necessary.
You can read the press release, only available in Faroese, here.
Send us your Feedback!
Please let us know what you think of DataGuidance! It will only take 60 seconds and help us make the site better for you.
