Blog details

Fine for lack of cooperation imposed by the Polish DPA

Fine for lack of cooperation imposed by the Polish DPA

A recent fine imposed by the Polish DPA was for lack of cooperation with the supervisory authority.


The Polish DPA recently imposed a fine on Pactum Poland for lack of cooperation. The case was initiated by a complaint which led the Polish DPA to request information from the company, Pactum Poland. The company’s failure to answer questions included in the letter received from the supervisory authority, led to a fine for lack of cooperation. This national case reached a final decision in December 2021, with the result of an administrative fine as the company’s actions were found to be a breach of the GDPR. 


Pactum Poland’s failure to accept requests for information from the Polish DPA is a violation of Article 31 of the GDPR. 


The Polish DPA requested information from the company in order to determine the facts of a case initiated by the complaint. There were a total of four requests sent to the company, of which the company only accepted one. In addition the company failed to reply to these requests. This failure to provide information is a violation of Article 31 of the GDPR, which states “The controller and the processor and, where applicable, their representatives, shall cooperate, on request, with the supervisory authority in the performance of its tasks.”


The Polish DPA imposed a fine for lack of cooperation, amounting to €4000.


Under Article 58 of the GDPR, a supervisory authority has the power to order the controller and the processor, and, where applicable, the controller’s or the processor’s representative to provide any information it requires for the performance of its tasks. Failure to comply with these requests could result in a fine, as was the case with the Polish DPA and Pactum Poland. As a result, the company was hit with a €4,000 fine. This will not only be effective, proportionate and dissuasive in this individual case, but will also be a signal for other entities about the importance of cooperation with supervisory authorities.

Does your company have all of the mandated safeguards in place to ensure the safety of the personal data you collect or process? Aphaia can help. Aphaia also provides both GDPR and Data Protection Act 2018 consultancy services, including data protection impact assessments, and Data Protection Officer outsourcing. We can help your company get on track towards full compliance. Contact us today.

Prev post
La Comisión Europea propone una nueva Ley de Datos
March 1, 2022
Next post
La autoridad de control de Polonia impone una multa por falta de cooperación
March 3, 2022

Leave a Comment