Google & Tinder under investigation for GDPR non-compliance
FEBRUARY 6, 2020
The Irish Data Commissioner is investigating whether the two tech giants are in breach of the EU’s General Data Protection Regulation.
Google and Tinder are currently under the scrutiny of regulators based in Dublin, who have launched two separate probes into the privacy practices of both companies.
The investigation into Google is focused on whether their Irish subsidiary has fulfilled its transparency obligations following complaints from across Europe in relation to their processing of data. “The issues raised within the concerns relate to the legality of Google’s processing of location data and the transparency surrounding that processing,” the commission has stated in a blog post.
In response, Google released a statement to say that it “will cooperate fully with the office of the Data Protection Commission in its inquiry and continue to work closely with regulators and consumer associations across Europe. In the last year, we have made a number of product changes to improve the level of user transparency and control over location data”.
Meanwhile, Tinder is also under examination by the Irish Data Commissioner after the EU raised concerns around its processing of private data. The regulator will investigate whether the company has a legal basis for continuing to process this data and whether it fulfils its GDPR obligations relating to transparency and data subject requests.
Under the GDPR, which came into effect in May 2018, citizens have the right to expect that their data will be securely stored and processed. Users of company systems, apps or websites are also allowed to request that companies delete their data or provide them with a copy of what they have stored. If complaints are upheld for violations of the GDPR, the company can be fined 20 million euros ($22.4 million) or 4% of their total annual worldwide revenue in the preceding financial year, whichever is higher.
The importance of securing an EU representative
This latest investigation into the privacy practices of major tech companies is a reminder, to businesses of all sizes, that it is important to ensure the correct handling of data relating to EU citizens.
Article 27 of the GDPR states that if you use data on clients, customers or prospects in the EU but you don’t have a presence in the EU, you must appoint a representative here on your behalf. If you are concerned that your organisation might be in breach of the GDPR, due to similar oversights made by companies like Google and Tinder, please contact our team today, for assistance.
For further information on appointing an EU representative for your business, click here.
Do you need to know more about Article 27 Representation in the EU for GDPR and how it impacts your business?
The Ultimate Guide to Article 27 GDPR EU Representation for Non-EU Businesses.
Find out everything that you need to know about GDPR Article 27 Representation for your organisation in this free guide.