The dating service’s legal basis and personal data security Summary The Danish Data Protection Agency’s Dating.dk ApS (”Dating.dk”) was among the selected decision companies supervised by the Danish DPA in the fall of The Danish DPA expressed serious criticism that Dating. 2018. The planned supervision was aimed at the dating dk’s processing of personal data had not been carried service’s processing of personal data that took place out in accordance with the rules in GDPR, Article 6(1) in connection with users creating profiles and using (legal basis for processing general personal data), the service. The focus was on the dating service’s legal and Article 9(1) (prohibition against the processing of basis for processing and personal data security. special categories of personal data). Before the supervision, the Danish DPA sent a series of The Danish DPA ordered Dating.dk to bring their questions to Dating.dk. However, Dating.dk refused to processing of personal data about users in accordance disclose the number of users, considering it a business with GDPR, specifically Article 6(1), cf. Article 9(1) by secret. As a result, the police searched Dating.dk’s November 16, 2021. They also required Dating.dk to address enabling the Danish DPA to obtain the required submit a copy of their consent solution by the same information. deadline if processing continues Dating.dk’s consent solution was designed as follows: The Danish DPA also expressed serious criticism that The user would accept the Terms and Privacy Policy Dating.dk ApS processed personal data, including by checking the same box. Additionally, the user location information and special categories of personal should consent to the processing of personal data data, without demonstrating that the processing was concerning gender. conducted with regard to the risks to the data subject’s rights and freedom in accordance with GDPR, Article 32(1) and (2) (security of processing). Opret din gratis profil nu Sidste trin inden du er klar til møde alle de dejlige singler Jeg ønsker at modtage nyheder, tips, invitationer til events, konkurrencer og særtilbud på e-mail. Du kan altid afmelde disse e-mails igen. Jeg accepterer brugerbetingelserne samt persondatapolitikken Jeg afgiver hermed samtykke til behandling af oplysningen om hvilket køn jeg søger Opret min profil Tilbage Dating.dk's consent solution design During the audit, Dating.dk asserted that they did not process the personal data of a large number of users, as all profiles were anonymous, and users created a fictitious usernames. Furthermore, they stated that they did not process sensitive or confidential personal data unless users voluntarily provided such information in free text fields. Published: 21-09-2021, Journal number: 2018-41-0013 Tags: 01 Legal basis for processing and principles for processing 106