The Norwegian Data Protection Authority has notified Recover AS of its decision to fine the company NOK 200,000 (EUR 20,000) for non-compliance. The matter concerns a credit rating performed without legal basis.
The background to the fine is a complaint from a private individual who was subjected to a credit assessment without any form of customer relationship or other connection to the company Recover AS.
A credit rating is the result of a compilation of personal data from many different sources and indicates the likelihood of a person being able to pay an outstanding claim. A credit rating will also include detailed information concerning the person's financial situation, such as any payment remarks, debt-to-income ratio and whether the person has any mortgages/liens. The Norwegian Data Protection Authority takes these matters seriously, and normally issue fines for this type of infraction.