Sections
Highlight
Susana Zamora
Madrid
Tuesday, 27 June 2023, 21:06
A WhatsApp message that a delivery man left for a recipient who was not at home at the time has ended up costing him dearly after his company was stung with a 140,000-euro fine.
“I left the package for you at the ice cream parlour downstairs,” the text message read. As a result, the Spanish data protection agency (AEPD) fined the courier company, United Parcel Service of America (UPS), 140,000 euros for leaving a package in a commercial premises located on the ground floor of the building where the recipient resides without being authorised to do so.
The parcel had a note on it which included the recipient’s full name, telephone number and address. The AEPD considered that exposing this information breached two infringements of data protection laws.
The first breached the confidentiality of the customer's personal data, which is considered "very serious" and punishable by a fine of 100,000 euros. The second serious infringement, punished with 40,000 euros, is for reoffending, after a similar incident happened with the same company at the end of last year.
Repeat offender
AEPD fined UPS 70,000 euros for delivering two MediaMarkt orders to a neighbour of the buyer without his consent.
According to UPS, the company "acts and proceeds as agreed with Media Markt and with the objective of guaranteeing delivery and the order in the time and manner agreed with the company, always in favour and in the interest of the complainant itself".
As evidence, the buyer submitted two clauses found in the terms and conditions of the contract which explained, on the one hand, the possibility of delivering the parcel to the neighbour in the absence of the recipient and, on the other hand, the obligation of the sender of the shipment, in this case Media Markt, to inform the recipient about the processing of his data in the framework of the services it offers".
"Thus, it is Media Markt itself, as the sender of the product, which should have excluded the possibility of delivery to a neighbour from the delivery, as UPS expressly informed it that in the absence of this exclusion this was possible", they pointed out.
UPS considered that it acted in accordance with the contract signed with Media Markt and that it was responsible for the processing of the data, as it "had the obligation to inform that it could not proceed with the delivery through a neighbour".
But the AEPD found that UPS transferred the complainant's data to a third party without his consent and the fact that it had signed a contract with Media Markt, did not exempt UPS from liability.
Publicidad
Publicidad
Publicidad
Publicidad
Reporta un error en esta noticia
Necesitas ser suscriptor para poder votar.