Home » News » Wizz Air: €1 for a flight, €35 for your GDPR right
wizz air right to rectification

Wizz Air: €1 for a flight, €35 for your GDPR right

Despite the free right to rectification under the GDPR, the airline charged € 35 in phone charges to update a surname.

Updating name allegedly only possible in case of marriage.

After changing her surname and consequently her email address, an Austrian passenger of Wizz Air needed to update her data stored with the company using her right to rectification provided by GDPR. As the passenger couldn’t do this herself, she filed a “rectification request” for her surname and email address with Wizz Air’s Data Protection Officer (DPO).

Three months later, the data subject still had not received any response. She submitted a new request to change her surname using the company’s contact form. Customer Service told her that she could not change her surname online except in case of marriage. In her case, she would need to call the Wizz Air Call Center, which costs of more than 1 Euro per minute.

35,67 Euros later – a partial success. 

Only after being on the phone for about 32 minutes did Wizz Air change the passenger’s surname, however, they still did not change her email address. Even minor inaccurate data often has real life consequences: Information about a cancelled flight was sent to the passenger’s former email address. As a result, the passenger only coincidentally learned about the cancelled flight in the last minute, as the notification was sent to the passenger’s former email address.

Wizz Air requires passengers to keep their account data accurate. By law, updating your data must be free, so low costs airlines can’t make compliance with the GDPR another one of their hidden fees.” – Ala Krinickytė, data protection lawyer at noyb

The GDPR gives customers the right to correct their information free of charge (Article 12(5) GDPR). By forcing customers to call their expensive hotlines for changes, Wizz Air fails to let customers exercise this “right to rectification”. The case of the passenger is not an isolated one. Other Wizz Air customers have complained about similar issues too (for example here).

“The GDPR states controllers should take ‘every reasonable step’ to ensure that data is accurate. In this case, it feels like Wizz Air failed to take any steps at all. The request for rectification is probably the least contentious data protection request a data subject can submit to the controller. Especially with airlines, it is of great importance that their passenger lists matches the passports. They make things more complicated and costly than necessary.” – Ala Krinickytė, data protection lawyer at noyb

Complaint filed, with a potential fine of up to €97 million.

Due to the fact that Wizz Air has shown a systematic failure to deal with the right to correct personal data without undue delay and free of charge, noyb has filed a complaint with the Austrian data protection authority.

“According to Forbes, Wizz Air is now ‘Europe’s largest airline’, which makes it all the more important for them to adjust their practices and ensure their customers’ GDPR rights. Given that this is a larger problem at Wizz Air, the data protection authority should impose an effective and dissuasive fine. Companies need to understand that they can’t simply ignore their passengers’ data protection rights.” – Ala Krinickytė, data protection lawyer at noyb

Original article: NOYB

Photo by Markus Winkler on Unsplash.

Subscribe to our Newsletter

Your e-mail address is only used to send you our newsletter and information about the activities of GDPR Register. You can always use the unsubscribe link included in the mail.

Latest News
The new directives from the European Union are making life more difficult for Estonian entrepreneurs again
GDPR Personal Data

The new directives from the European Union are making life more difficult for Estonian entrepreneurs again

March 13, 2024
CEO of a privacy startup: The year brings significant changes in the field of data protection
Cyber Security GDPR Personal Data

CEO of a privacy startup: The year brings significant changes in the field of data protection

March 13, 2024
Introducing Marit Kesa – GDPR Register’s new Sales and Customer Success Manager
GDPR Personal Data Privacy Data Breach Technology

Introducing Marit Kesa – GDPR Register’s new Sales and Customer Success Manager

February 19, 2024
New record for GDPR fines: over four billion euros in penalties
Fines GDPR Personal Data Technology

New record for GDPR fines: over four billion euros in penalties

October 31, 2023
Legal tech startup GDPR Register appoints ex-Veriff leader as new CEO to lead next stage of growth
GDPR Personal Data

Legal tech startup GDPR Register appoints ex-Veriff leader as new CEO to lead next stage of growth

October 26, 2023
Share on facebook
Share on linkedin
Share on twitter
Share on pinterest
Share on print
Share on email

Latest Blog Posts