Austrian Data Protection Authority Fines ‘Unser Ö-Bonus Club GmbH’ €2,000,000

  • An Austrian loyalty program operator was fined 2 million Euros for unlawful user data collection.
  • The company obtained people’s consent improperly, failing to inform them about what that entails.
  • The firm continued to use the illegally obtained user data even after they admitted their wrongdoing.

‘Unser Ö-Bonus Club GmbH,’ a Vienna-based company that operates a multi-partner loyalty program, got a fine of 2,000,000 EUR from the Austrian Data Protection Authority (Datenschutzbehörde) over multiple violations of the GDPR. In summary, the company served users with inadequate consent declarations, engaged in unlawful processing of personal customer data for profiling purposes, and actually continued all that even after they admitted their wrongdoing. The violations pertain to Articles 6, 7, 12, and 13 of the GDPR.

When a user registers onto the bonus club program, their shopping behavior and all data that derive from it are collected and analyzed by the firm, which creates a unique customer profile. This is then passed to advertising partners for profit, but the users are unaware of both the data processing and the selling of their profiles to numerous other entities.

The company did mention this procedure, found only by those who bother to scroll down, but the “Yes” or “No” consent prompt was offered on the top, so essentially, everyone accepted the terms without being informed about what this entails. Unser Ö-Bonus Club received an alert during the initial investigation about this problem and admitted that the form elements were wrongfully laid out.

Even after they fixed the form, though, the firm continued to use the data it had collected from 2.3 million Austrians, which they had gained through the inadequate form. This was an unethical move that the company could easily present as a mistake, and so they did. Also, they accuse the Austrian data protection authorities of not giving them advice and not warning them that if they didn’t purge the already collected info, a fine would be imposed.

Back in 2019, Rewe, the ‘Unser Ö-Bonus Club’ program operator, won the ‘Big Brother Award’ for “Communication and Marketing.” The jury openly supported this decision by saying that Rewe’s program results in the collection of valuable marketing data that many entities like supermarkets, petrol stations, and furniture stores are happy to buy and use.

Rewe has some reach outside Austria, operating businesses in Romania, Italy, Croatia, Bulgaria, the Czech Republic, and Hungary. Some of the brands that have or have had business relations and possibly data exchange relationships with Rewe include ‘Billa,’ ‘Penny,’ ‘BIPA,’ ‘Libro,’ and ‘Merkur.’

REVIEW OVERVIEW

Latest

How to Watch Rooms We Love Online From Anywhere

A new lovely series focusing on beautiful houses and great interior designers is set to soon premiere, this time with an emphasis...

How to Watch Elizabeth: A Portrait in Parts Online From Anywhere – Stream the Queen Elizabeth II Documentary

Elizabeth: A Portrait in Part(s) is a documentary on the life of Queen Elizabeth II, the longest-lived, longest-reigning British monarch and longest-serving...

How to Watch Shoresy Online From Anywhere: Stream the Letterkenny Spin-Off Series

Shoresy is the foul-mouthed, chirp-serving, mother-loving, fan-favorite character, and this show sees him join a senior AAA hockey team in Sudbury on...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari