Incogni sues GfK Group for failure to comply with GDPR
Incogni is taking legal action against GfK Group – Germany’s largest market research company – for failing to comply with GDPR and remove user data upon legal request.
GfK Group is one of the leading market research companies in Europe, mainly specializing in providing market research and user information to the consumer goods industry with over 10,000 clients in 50+ countries. One of the key functions the company performs is gathering, analyzing, enriching, and reselling user information to other businesses. Incogni – the personalized online privacy service developed by Surfshark (one of the leading VPNs on the market) that submits data removal requests on behalf of the user – has recently taken legal action against the company for its failure to comply with EU and EEA GDPR upon Incogni’s official request.
According to Incogni, GfK group has consistently ignored all of the company’s requests to comply with GDPR and remove user data. This includes over 500 requests submitted on behalf of users from the Netherlands. Currently, Incogni is pursuing legal action to be taken against GfK Group for failing to comply with Article 17 of GDPR. Additionally, Incogni seeks to exercise GDPR enforcement against GfK to prevent repeat law violations.
In the wake of Incogni taking its first data broker to court, the privacy protection service’s Head, Darius Belevejas issued the following statement:
“Companies placing obstacles in the way of consumers exercising their data protection rights represent a widespread problem. Incogni believes that data privacy is a fundamental aspect of safeguarding individual privacy rights, promoting democratic values and fostering human development in the digital age. We are taking legal action to ensure that data deletion requests are taken seriously by companies that acquire, hold, or trade personal information”
GfK Group is yet to respond to the legal action taken against it.
In 2022, companies paid a total of over €839 million in fines due to non-compliance with GDPR. The highest GDPR fine was issued to the Meta-owned Instagram social media platform in Ireland and totaled €405 million.