Credit agency prohibited from collecting data via access requests and civil registries
Content
Credit Scoring Credit agency prohibited from collecting data via access requests and civil registries Two years ago, noyb filed a GDPR complaint against credit data broker KSV 1870. The Austrian credit reporting agency stored unsolicited data from previously unknown individuals who exercised their legal right to access their data. Now, the Austrian Data Protection Authority (DSB) published their ruling on the case: the credit reporting agency may not collect data through access requests and civil registries. Decision by the Austrian DSB Credit bureau stores data from information requests. Europeans have the right to submit an information request to companies to find out what data is being processed about them. To confirm the identity of the person, a company often asks for additional data: an ID, name, address or date of birth, for example. Naturally, companies may only use this additional information for the purpose of answering an access request and must then delete it again. This is