On July 17, 2020, the Luxembourg data protection authority initiated an investigation into company “A,” the owner of a website and mobile application, to verify compliance with Article 12(1), 13, and 14 of the GDPR.
The investigation focused on users of the website and mobile application.
The investigation revealed that:
The owner of the controlled website and mobile application responded that the unavailability of information was due to the attitude of the service provider, i.e. the IT company to whom he entrusted the management of the website and application.