At the end of 2019, the Dutch Data Protection Authority (AP) imposed a huge fine of 500,000 euros on the tennis federation. The AP interprets the GDPR very strictly and considers the provision of data to partners for direct marketing, even if completely transparent and with the knowledge of the members, as "unlawful." Citizens must be able to maintain control over their data, and that right must carry more weight. See our summary of the fine decision here:
