Search Privacy Fines
Browse and filter privacy enforcement fines worldwide.
43 fines found
Total: $1.9M
| Date | Company | Fine | Regulation | Authority | Country | Type | Summary |
|---|---|---|---|---|---|---|---|
| 2020-07-14 | Google Belgium SA | €600K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | --Articles: Art. 5 GDPR, Art. 6 GDPR, Art. 17 (1) a) GDPR, Art. 12 GDPR |
| 2022-02-02 | IAB Europe | €250K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | --Articles: Art. 5 (1) a) GDPR, Art. 5 (2) GDPR, Art. 6 (1) GDPR, Art. 9 (1), (2) GDPR, Art. 12 (1) GDPR, Art. 13 GDPR, Art. 14 GDPR, Art. 24 (1) GDPR, Art. 30 GDPR, Art. 31 GDPR, Art. 32 (1), (2) GDPR, Art. 37 GDPR |
| 2022-04-04 | Brussels Airport Zaventem | €200K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | --Articles: Art. 5 (1) c) GDPR, Art. 6 (1) e) GDPR, Art. 9 (2) g) GDPR, Art. 12 GDPR, Art. 13 (1) c) GDPR, Art. 13 (2) e) GDPR, Art. 35 (1), (3), (7) b) GDPR |
| 2022-04-04 | Brussels Airport Charleroi | €100K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | --Articles: Art. 5 (1) a), b) GDPR, Art. 6 (1) c) GDPR, Art. 6 (3) GDPR, Art. 9 (2) i) GDPR, Art. 12 (1) GDPR, Art. 13 (1) c) GDPR, Art. 13 (2) e) GDPR, Art. 35 (1), (7) GDPR |
| 2021-12-16 | Bank | €75K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Insufficient involvement of data protection officer | --Articles: Art. 38 (6) GDPR |
| 2020-04-28 | Proximus SA | €50K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Failure to implement sufficient measures to ensure information security | --Articles: Art. 31 GDPR, Art. 58 GDPR, Art. 37 GDPR |
| 2020-12-01 | Unknown | €50K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with subjects' rights protection safeguards | --Articles: Art. 14 (1), (2) GDPR, Art. 12 (1), (2), (3) GDPR, Art. 15 (1) GDPR, Art. 5 (1) c), (2) GDPR, Art. 24 (1), (2) GDPR |
| 2022-06-16 | SA Rossel & Cie | €50K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | --Articles: Art. 6 (1) a) GDPR, Art. 7 (1) GDPR, Art. 12 (1) GDPR, Art. 13 GDPR, Art. 14 GDPR |
| 2022-05-25 | Roularta Media Group | €50K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Failure to comply with data processing principles | --Articles: Art. 5 (1) e) GDPR, Art. 5 (2) GDPR, Art. 6 (1) a) GDPR, Art. 7 (1), (3) GDPR, Art. 12 GDPR, Art. 13 GDPR, Art. 14 GDPR, Art. 24 GDPR |
| 2021-01-27 | Family Service / N.D.P.K. nv. | €50K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Multiple | --Articles: Art. 5 GDPR, Art. 6 GDPR, Art. 7 GDPR, Art. 13 GDPR, Art. 24 GDPR, Art. 25 GDPR, Art. 28 GDPR |
| 2020-05-14 | Social Media Provider | €50K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | --Articles: Art. 6 GDPR |
| 2021-01-22 | Unknown | €25K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Multiple | --Articles: Art. 5 (1) f), (2) GDPR, Art. 24 GDPR, Art. 32 GDPR, Art. 33 (1), (5) GDPR, Art. 34 (1) GDPR |
| 2022-08-19 | Medical Laboratory | €20K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Failure to comply with data processing principles | --Articles: Art. 5 (1) f) GDPR, Art. 12 GDPR, Art. 13 GDPR, Art. 14 GDPR, Art. 32 GDPR, Art. 35 (1), (3) GDPR |
| 2022-04-04 | Ambuce Rescue Team | €20K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | --Articles: Art. 5 GDPR, Art. 6 GDPR, Art. 9 GDPR |
| 2020-12-01 | Unknown | €15K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with subjects' rights protection safeguards | --Articles: Art. 14 (1), (2) GDPR, Art. 12 (3) GDPR, Art. 6 GDPR, Art. 5 (1) c), (2) GDPR, Art. 24 (1), (2) GDPR |
| 2019-12-17 | Legal information wesbite | €15K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | A website that provided legal information and news only had its privacy policy p...A website that provided legal information and news only had its privacy policy page available in English, even though it was also addressing the French and Dutch-speaking markets. Also, the privacy policy page was not easily accessible and did not mention the legal basis for the processing of data, as required by the GDPR. The website also used Google Analytics without effective consent. Articles: Art. 6 GDPR, Art. 12 GDPR, Art. 13 GDPR |
| 2019-12-17 | Legal information wesbite | €15K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | --Articles: Art. 6 GDPR, Art. 12 GDPR, Art. 13 GDPR |
| 2021-12-08 | Unknown | €12K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with subjects' rights protection safeguards | --Articles: Art. 12 (3) GDPR, Art. 14 (1), (2), (3) GDPR, Art. 15 GDPR, Art. 17 (1) c) GDPR, Art. 21 (2) GDPR |
| 2022-05-04 | Nationale Maatschappj der Belgische Spoorwegen | €10K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Failure to comply with data processing principles | --Articles: Art. 5 (1) a), c) GDPR, Art. 6 (1) GDPR, Art. 12 (2) GDPR, Art. 21 (2), (3), (4) GDPR |
| 2019-09-17 | Merchant | €10K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Failure to comply with data processing principles | --Articles: Art. 5 (1) c) GDPR |
| 2019-09-19 | Merchant | €10K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Failure to comply with data processing principles | A merchant was found guilty of trying to create a customer card using an electro...A merchant was found guilty of trying to create a customer card using an electronic identity card. In doing so, the merchant would have needed access to personal information on the electronic identity card, including photo and barcode. The fine was 10.000 euros. Articles: Art. 5 (1) c) GDPR |
| 2020-06-19 | Unknown | €10K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | --Articles: Art. 5 GDPR, Art. 6 GDPR, Art. 15 GDPR |
| 2020-12-23 | Unknown | €10K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Failure to comply with data processing principles | --Articles: Art. 6 (1) GPDR, Art. 12 (3) GDPR, Art. 21 (1) GDPR |
| 2022-04-01 | Company | €8K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | --Articles: Art. 5 (1) a) GDPR, Art. 6 (1) f) GDPR, Art. 15 GDPR, Art. 17 GDPR, Art. 18 GDPR, Art. 21 GDPR, Art. 28 GDPR |
| 2019-11-28 | City councilor | €5K | GDPR | Belgian Data Protection Authority (APD) | Belgium | Non-compliance with lawful basis for data processing | Two Belgian politicians, a city councilor and a mayor have been fined €5,000 eac...Two Belgian politicians, a city councilor and a mayor have been fined €5,000 each for sending out campaign emails to recipients who have not consented to receive such emails. Articles: Art. 6 GDPR |