Skip to main content

Reference to trade secret outruled as a reason to deny access to voice recordings in Hungary


The Hungarian data protection authority confirmed in a new case that the controller cannot block access to voice recordings by customers by referring to trade secret rules and highlighted the importance to correctly assessing the information in each case a customer exercises his right to access.

In this case a customer of a bank required the copy of the recording of his conversation with the customer service of the bank. The customer requested access to the copy multiple times, and the bank, after 1,5 months, only offered the recording on the condition that the customer signs an acknowledgement of receipt, which would state that the customer acknowledges having received the copy of the recording (before actually receiving the recording) and would not show the recording to anybody else besides his legal representative.

Upon the complaint of the customer the authority required further information on the handling of the case from the bank, which highlighted that the information on the recording was the bank’s trade secret and that the delay in answering the customer’s request was only due to an internal administrative mistake.

The authority, however, found that the bank did not even inform the customer on prolonging the original 1 month deadline for the answer and did not show any hardship delaying its answer.

The authority further highlighted that the bank could not have required signing an acknowledgement of receipt, since – besides identification of the customer – the controller cannot hinder the exercise of data protection rights. The authority did not agree with the bank about the recording being subject to trade secret rules and the related business interests of the bank. The communication in this case was conducted with the customer service and related to customer management, therefore it did not incorporate any confidential information that could be subject to trade secret rules.


Article provided by INPLP member: Kinga Madocsai (SimpLEGAL, Hungary)



Discover more about the INPLP and the INPLP-Members

Dr. Tobias Höllwarth (Managing Director INPLP)

Cloud Privacy Check (CPC). Data Privacy Compliance in the Cloud Made Easy

Understand Cloud and Data Protection Law in only 4 easy steps. Plus highly relevant legal information for 33 countries. Provided by EuroCloud and 53 European lawyers.


About Us

EuroCloud is an independent non-profit organization and consists of a two-tier setup where organisations form all European countries can apply to participate in as long as they respect the EuroCloud Statutes.

To act as a true European player, all programs that are developed are intended to be European activities. These European programs are the strength of EuroCloud as a whole. Respect to local cultures along with the will to promote a real European spirit.