The Polish data protection authority has fined ClickQuickNow €47,126.97 for violating the General Data Protection Regulation (GDPR) by requiring too difficult a process for revoking consent.
The process in question required the person who submits the statement of withdrawal of consent to indicate the reason for his request after the site provided the person with a message saying “Your withdrawal of consent today […]!”.
Only following this did the company inform the person about how to withdraw consent.
The data protection authority took issue with a number of things:
- It should not be more difficult to withdraw consent than to give it. This is not quick and simple.
- The message displayed re ‘your withdrawal of consent today’ is one that most people already associate with consent having already been revoked and would not think they need to do anything else which means that consent is not effectively revoked.