March 2021 – The Czech Office for Personal Data Protection (ÚOOÚ) recently published the results of inspections it carried out in 2020. Compared to other supervisory authorities across the European Union, the Czech regulator for personal data protection was not very active in 2020, and the fines it imposed for violations of the General Data Protection Regulation (GDPR) during the year were relatively low. For this reason, some of the report's conclusions deserve attention. For example, as part of its inspections in 2020 the ÚOOÚ looked into the use of published (publicly available) personal data, the processing of personal data for marketing purposes, the storage of cookies on websites, and the making of copies of ID cards. In one area of its supervisory activities—the sending of unsolicited commercial communications—the ÚOOÚ was significantly bolder. A record fine of CZK 6 million (approximately EUR 230,000) was imposed in this area in 2020.

We have briefly summarised the findings from the current inspection activities and practice of the ÚOOÚ in a video created in cooperation with (in Czech only).

Link here:


Originally Published by , March 2021

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.