Search Privacy Fines
Browse and filter privacy enforcement fines worldwide.
21 fines found
Total: $3.0M
| Date | Company | Fine | Regulation | Authority | Country | Type | Summary |
|---|---|---|---|---|---|---|---|
| 2023-05-04 | B2 Kapital d.o.o. | €2.3M | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Non-compliance with lawful basis for data processing | --Articles: Art. 6 (1) GDPR, Art. 13 (1) GDPR, Art. 28 (3) GDPR, Art. 32 (1) b), d) GDPR, Art. 32 (2) GDPR |
| 2022-07-21 | Telecommunications company | €285K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Failure to implement sufficient measures to ensure information security | --Articles: Art. 25 (1) GDPR, Art. 32 (1) b) GDPR, Art. 32 (2) GDPR |
| 2022-03-08 | Energy company | €124K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Non-compliance with subjects' rights protection safeguards | --Articles: Art. 15 (3) GDPR |
| 2022-03-08 | Retail company | €89K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Failure to implement sufficient measures to ensure information security | --Articles: Art 32 (1) b) and d) GDPR, Art 32 (2) GDPR, Art 32 (4) GDPR |
| 2022-01-01 | Telecommunications company | €20K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Non-compliance with lawful basis for data processing | --Articles: Art. 6 (1) GDPR, Art. 5 (1) d) GDPR |
| 2022-07-21 | Car dealership | €4K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Non-compliance with general data processing principles | --Articles: Art. 27 (1) |
| 2022-12-05 | Retailer | €4K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Insufficient fulfilment of information obligations | --Articles: Art. 27 (1) Croatian act on the Implementation of the GDPR |
| 2022-12-06 | Retailer | €3K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Insufficient fulfilment of information obligations | --Articles: Art. 27 (2) Croatian Act on the Implementation of the GDPR |
| 2022-12-07 | Retailer | €3K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Insufficient fulfilment of information obligations | --Articles: Art. 27 (2) Croatian Act on the Implementation of the GDPR |
| 2022-12-08 | Retailer | €3K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Insufficient fulfilment of information obligations | --Articles: Art. 27 (2) Croatian Act on the Implementation of the GDPR |
| 2022-12-08 | Jewelry manufacturer | €3K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Insufficient fulfilment of information obligations | --Articles: Art. 27 (2) Croatian Act on the Implementation of the GDPR |
| 2022-12-06 | Retailer | €2K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Insufficient fulfilment of information obligations | --Articles: Art. 27 (2) Croatian Act on the Implementation of the GDPR |
| 2022-11-25 | Company in the hospitality industry | €2K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Insufficient fulfilment of information obligations | --Articles: Art. 27 (2) Croatian Act on the Implementation of the GDPR |
| 2022-12-07 | Fish market | €2K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Insufficient fulfilment of information obligations | --Articles: Art. 27 (2) Croatian Act on the Implementation of the GDPR |
| 2022-12-05 | Betting place | €2K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Insufficient fulfilment of information obligations | --Articles: Art. 27 (1), (2) Croatian Act on the Implementation of the GDPR |
| 2022-11-25 | Betting place | €2K | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Insufficient fulfilment of information obligations | --Articles: Art. 27 (2) Croatian Act on the Implementation of the GDPR |
| 2020-03-13 | Bank (unknown) | €0 | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Information obligation non-compliance | The bank did not provide its customers with copies of credit documentation (inte...The bank did not provide its customers with copies of credit documentation (interest changes reviews, repayment plans, and loan agreement annexes) in the period from May 2018 to April 2019. In this sense, the bank went ahead and argued that its decision was the right one since the documentation would be related to repaid loans, which a customer shouldn’t have the right to access. A data subject alerted the DPA, which demanded that the bank provide copies of the loan documentation to the data subject. The DPA fined the bank (a specific sum is still unknown) taking into consideration the financial institution’s continued refusal for over a year to deny the right of access to such documentation to over 2.500 customers. Articles: Art. 15 (1), (3) GDPR |
| 2021-07-05 | Insurance company | €0 | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Insufficient fulfilment of information obligations | --Articles: Art. 13 GDPR, Art. 14 GDPR, Art 27 (1) of the National Implementation Law |
| 2021-02-22 | Security company | €0 | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Failure to implement sufficient measures to ensure information security | --Articles: Art. 32 (1) b), d) GDPR, Art. 32 (2), (4) GDPR |
| 2021-07-05 | IT services company | €0 | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Failure to implement sufficient measures to ensure information security | --Articles: Art. 32 (1) b), (2) GDPR |
| 2020-03-13 | Bank (unknown) | €0 | GDPR | Croatian Data Protection Authority (AZOP) | Croatia | Information obligation non-compliance | --Articles: Art. 15 (1), (3) GDPR |