The data protection authority's investigation revealed that journeys over the telephone number serving as the ID could be traced for more than 2 years (memory limitation). In addition, it was not necessary to use the telephone number as an ID in the positioning system and could have been circumvented (data minimisation).

Topic: Memory limitation | Data minimization | Purpose limitation

Authority: Danish Data Protection Authority (Datatilsynet)

Sanction: € 160’000 (recommendation)

The taxi company Taxa 4×35 stated that the journey data (GPS) would be anonymised after 2 years and the customer data deleted after 5 years. However, the data protection authority’s investigation revealed that journeys over the telephone number serving as the ID could be traced for more than 2 years (memory limitation). In addition, it was not necessary to use the telephone number as an ID in the positioning system and could have been circumvented (data minimisation). The insufficient information regarding the use of the telephone number (purpose limitation) was also raised. As a fourth point, the Commission criticised the documentation for the deletion concept. This was incomplete because it was not clear how deletion would be ensured if a backup was restored. It is necessary to log the deletions (memory limitation).

source https://www.datatilsynet.dk/tilsyn-og-afgoerelser/afgoerelser/2019/mar/tilsyn-med-taxa-4x35s-behandling-af-personoplysninger/