Recovery of claims in the GDPR (General Data Protection Regulation) era

Author:Drago? M?nescu
Position:Department of Law, Bucharest University of Economic Studies,
Recovery of claims in the GDPR (General Data Protection
Regulation) era
Lecturer Drago MNESCU1
The pr ocessing of personal information, including the one rela ting to financial
data , is subject to th e legislation on per sonal da ta pr otection, covering both individuals,
creditors and credit registr ars, as well a s Eur opean supervisory a uthorities. This study
looks at ways of debt recovery within the limits of the Eur opean Per sonal Data Protection
Regulation. The first pa rt of the study presents, ratione materia e, the considerations
envisaged for the adoption of the Regulation, but also the way its limitat ions captur e the
recovery pr ocedure. The second par t of the study ta kes into account the prerequ isites for
the a doption of codes of conduct in the field of debt r ecovery, and in the last part o f this
study there a re presented a number of limitations imposed by the pr ovisions of the
Regulation in the debt recovery process.
Keywords: personal information, per sonal data protection, GDPR, financial data , debt
recovery, codes of conduct, European P ersonal Data Protection Regulation.
JEL Classification: K22, K23
1. Introductory considerations
The processing of personal information, including the one relating to
financial data, is subject to the legislation on personal data protection2, covering
both individuals3, creditors and debt collectors, as well as European supervisory
By processing, we understand, in accordance with Regulation (EU)
679/2016 also referred to as GDPR4, any operation or set of operations relating to
personal data, whether or not using automated means, like collecting, recording,
organizing, structuring, storing, adapting, modifying, extracting, consulting, using,
1 Drago Mnescu – Department of Law, Bucharest University of Economic Studies, dragos_mihail
2 Article 2, paragraph 1 of Regulation (EU) No. 679/2016 (GDPR): This Regulation applies to the
processing of person al data wholly or partly by automated means and to the processing other than
by automated means of personal data which form part of a filing system or are intended to form part
of a filing system.
3 Regulation (EU) No. 679/2016 (GDPR), Preamble, point 14: The protection afforded by this
Regulation should apply to natural persons, whatever their nationality or place of residence, in
relation to the processing of their personal data. This Regulation does not cover the processing of
personal data which concerns legal persons and in particular undertakings established as legal
persons, including the name and the form of the legal person and the contact details of the legal
4 Article 4, point 2.

To continue reading

Request your trial