Recovery of claims in the GDPR (General Data Protection Regulation) era

• Author: Drago? M?nescu
• Position: Department of Law, Bucharest University of Economic Studies, dragos_mihail@yahoo.com.
• Pages: 181-192

Recovery of claims in the GDPR (General Data Protection

Regulation) era

Lecturer Drago MNESCU1

Abstract

The pr ocessing of personal information, including the one rela ting to financial

data , is subject to th e legislation on per sonal da ta pr otection, covering both individuals,

creditors and credit registr ars, as well a s Eur opean supervisory a uthorities. This study

looks at ways of debt recovery within the limits of the Eur opean Per sonal Data Protection

Regulation. The first pa rt of the study presents, ratione materia e, the considerations

envisaged for the adoption of the Regulation, but also the way its limitat ions captur e the

recovery pr ocedure. The second par t of the study ta kes into account the prerequ isites for

the a doption of codes of conduct in the field of debt r ecovery, and in the last part o f this

study there a re presented a number of limitations imposed by the pr ovisions of the

Regulation in the debt recovery process.

Keywords: personal information, per sonal data protection, GDPR, financial data , debt

recovery, codes of conduct, European P ersonal Data Protection Regulation.

JEL Classification: K22, K23

1. Introductory considerations

The processing of personal information, including the one relating to

financial data, is subject to the legislation on personal data protection2, covering

both individuals3, creditors and debt collectors, as well as European supervisory

authorities.

By processing, we understand, in accordance with Regulation (EU)

679/2016 also referred to as GDPR4, any operation or set of operations relating to

personal data, whether or not using automated means, like collecting, recording,

organizing, structuring, storing, adapting, modifying, extracting, consulting, using,

1 Drago Mnescu – Department of Law, Bucharest University of Economic Studies, dragos_mihail

@yahoo.com.

2 Article 2, paragraph 1 of Regulation (EU) No. 679/2016 (GDPR): This Regulation applies to the

processing of person al data wholly or partly by automated means and to the processing other than

by automated means of personal data which form part of a filing system or are intended to form part

of a filing system.

3 Regulation (EU) No. 679/2016 (GDPR), Preamble, point 14: The protection afforded by this

Regulation should apply to natural persons, whatever their nationality or place of residence, in

relation to the processing of their personal data. This Regulation does not cover the processing of

personal data which concerns legal persons and in particular undertakings established as legal

persons, including the name and the form of the legal person and the contact details of the legal

person.

4 Article 4, point 2.