The Data Inspectorate has granted Odin Flissenter AS a breach fee of NOK 150.000 for violating the credit of an individual company without legal basis. 

The context for the commission is a complaint by a person according to which the individual company has been assessed on the basis of the credit without any type of customer relationship or other affiliation with Odin Flissenter. 

The amount of the commission has been somewhat adequate to the reduction from the amount notified because of the financial consequences that covid-19 has had for the activity. 

The credit information about an individual company is also personal information, as the owner is indirectly identified with the company and this is directly related to the personal finances of the owner. 

This means that it is necessary to have a legal basis for the credit rating of individual companies. 

A credit rating is the result of the collection of personal information from many different sources and reveals a number that indicates the likelihood that a person or an individual company will pay a claim. A credit rating will also reveal details about a company’s finances, such as any payment comments, voluntary mutuals and debt ratio. 

In our assessment of the case, we have placed great emphasis on the private nature of the personal data insofar as it is strictly correlated to the personal finances of the owners, that the complainant’s right to privacy weighs heavily on the processing of this type of personal data and that the collection of information has taken place in the commercial area. 

Odin Flissenter has a three-week appeal period from the moment it receives the decision. vedtak-om-otg-odin-flissenter   SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELLA NORVEGIA