The DPC has launched an investigation into the ongoing processing of user data on dating app Tinder, as well as Google’s processing of location data.
Irish regulators have launched investigations into how Google and dating app Tinder handle data from users.
The Data Protection Commission (DPC) received complaints from consumer organisations across the EU in which concerns were raised about Google’s processing of location information.
They related to the legality of the tech giant’s use of that material and transparency issues. The EU’s General Data Protection Regulation (GDPR) governs how companies treat information they have gathered about their users.
Google has a major base in Dublin and Ireland’s regulator is its lead supervisory authority.
Processing data location
The commission said: “The inquiry will set out to establish whether Google has a valid legal basis for processing the location data of its users and whether it meets its obligations as a data controller with regard to transparency.”
A spokesperson from Google said people should be able to understand and control how companies like Google use location data to provide services to them.
They added: “We will cooperate fully with the office of the Data Protection Commission in its inquiry, and continue to work closely with regulators and consumer associations across Europe.
“In the last year, we have made a number of product changes to improve the level of user transparency and control over location data.”
Personal data on Tinder
Issues have also been identified from concerns raised by individuals in Ireland and across the EU about Tinder’s parent company Mtch Technology Services Limited.
They relate to “ongoing processing of users’ personal data” in relation to the Tinder platform, transparency surrounding the processing, and the company’s compliance with its obligations to deal with requests, the DPC said.
It added: “The inquiry of the DPC will set out to establish whether the company has a legal basis for the ongoing processing of its users’ personal data and whether it meets its obligations as a data controller with regard to transparency and its compliance with data subject right’s requests.”
A spokesperson for the Match Group said: “Transparency and protecting our users’ personal data is of utmost importance to us. We are fully cooperating with the Data Protection Commission, and will continue to abide by GDPR and all applicable laws.”
Ireland’s commissioner is the main regulator for Google and Tinder because they have their European headquarters in Dublin, where corporate tax rates are lower than in other countries.
The penalty for infringing GDPR can be up to 4pc of turnover or €20m – whichever is higher.
Facebook has previously faced action in the Irish courts after Ireland’s commissioner investigated its transfer of personal data to the US.
– PA Media