Search Privacy Fines

Browse and filter privacy enforcement fines worldwide.

← Back to Overview

Regulation

Country

Year

Min Fine (USD)

Sort

2,028 fines found

Total: $8.1B

Date	Company	Fine	Regulation	Authority	Country	Type	Summary
2019-02-26	Telecommunication service provider	€27K	GDPR	Bulgarian Commission for Personal Data Protection (KZLD)	Bulgaria	Non-compliance with lawful basis for data processing	The complainant was unlawfully and unknowingly been registered for the prepaid s... The complainant was unlawfully and unknowingly been registered for the prepaid services of a telecommunication service provider. The employees had used personal data illegally and without express consent from the subject. Moreover, the signature on the application was found to be incongruent and dissimilar to the subject’s own signature. The identity card number on the prepaid application was also fake. Articles: Art. 6 GDPR, Art. 5 (1) a) GDPR
2021-06-16	Vejle Municipality	€27K	GDPR	Danish Data Protection Authority (Datatilsynet)	Denmark	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 GDPR
1970-01-01	Vodafone Espana	€27K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with subjects' rights protection safeguards	The data subject had demanded that his data be deleted from the Vodafone records... The data subject had demanded that his data be deleted from the Vodafone records in 2015, which the company agreed to and confirmed. However, he received more than 200 SMS messages in 2018, which Vodafone admitted it was a technical error on their part. They had performed tests, and the data subject’s phone number mistakenly appeared in various customer files. The fine was set at 27.000 Euros since Vodafone admitted to its mistake. Articles: Art. 5 (1) d) GDPR
--	Vodafone Espana	€27K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with subjects' rights protection safeguards	-- Articles: Art. 5 (1) d) GDPR
2022-09-26	TV2 Media Csoport Zrt.	€27K	GDPR	Hungarian National Authority for Data Protection and the Freedom of Information	Hungary	Failure to comply with data processing principles	-- Articles: Art. 5 (1) a), b) GDPR, Art. 6 (1) GDPR, Art. 12 (1) GDPR, Art. 13 GDPR
2022-08-01	Policoro municipality	€26K	GDPR	Italian Data Protection Authority (Garante)	Italy	Failure to comply with data processing principles	-- Articles: Art. 5 (1) a), e) GDPR, Art. 5 (2) GDPR, Art. 12 GDPR, Art. 13 GDPR, Art. 24 GDPR, Art. 38 (6) GDPR
2021-06-07	Region Sormland	€25K	GDPR	Data Protection Authority of Sweden	Sweden	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) a) GDPR, Art. 13 GDPR
2021-06-07	Region Varmland	€25K	GDPR	Data Protection Authority of Sweden	Sweden	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) a) GDPR, Art. 13 GDPR
2021-03-03	Hellenic Bank	€25K	GDPR	Cypriot Data Protection Commissioner	Cyprus	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) e), f) GDPR, Art. 32 (1) b), c) GDPR, Art. 33 (1) GDPR
2023-04-21	SECURITAS DIREC ESPANA, S.A.	€25K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-cooperation with Data Protection Authority	-- Articles: Art. 58 (2) GDPR
2023-04-20	KFC RESTAURANTS SPAIN, S.L.	€25K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with subjects' rights protection safeguards	-- Articles: Art. 13 GDPR, Art. 37 GDPR
2022-08-23	Operator of a public toilet	€25K	GDPR	Austrian Data Protection Authority (DSB)	Austria	Failure to comply with data processing principles	-- Articles: Art. 5 (1) a), b), c) GDPR, Art. 6 (1) f) GDPR, Art. 13 GDPR
2021-12-31	PLUS REAL ADVERTISEMENT	€25K	GDPR	Hellenic Data Protection Authority (HDPA)	Greece	Information obligation non-compliance	-- Articles: Art. 13 GDPR, Art. 14 GDPR, Art. 11 Law 3471/2006
2021-07-05	Higher Education Institution	€25K	GDPR	Deputy Data Protection Ombudsman	Finland	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) c) GDPR, Art. 6 GDPR, § 3 Law 759/2004
2021-01-22	Unknown	€25K	GDPR	Belgian Data Protection Authority (APD)	Belgium	Multiple	-- Articles: Art. 5 (1) f), (2) GDPR, Art. 24 GDPR, Art. 32 GDPR, Art. 33 (1), (5) GDPR, Art. 34 (1) GDPR
2020-06-09	Glovoapp23	€25K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	No data protection officer appointed	-- Articles: Art. 37 GDPR
2022-11-02	CAIXABANK S.A.	€25K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with subjects' rights protection safeguards	-- Articles: Art. 16 GDPR
2021-06-22	Unknown	€25K	GDPR	Norwegian Supervisory Authority (Datatilsynet)	Norway	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 GDPR, Art. 6 GDPR, Art. 13 GDPR, Art. 17 GDPR, Art. 21 GDPR
2020-07-20	Banco Bilbao Vizcaya Argentaria, SA	€24K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Failure to comply with data processing principles	-- Articles: Art. 5 GDPR, Art. 6 GDPR
2020-03-03	Vodafone España	€24K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 GDPR, Art. 6 GDPR
2022-10-09	CAJA DE SEGUROS REUNIDOS, COMPAÑÍA DE SEGUROS Y REASEGUROS, S.A.	€24K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	-- Articles: Art. 6 (1) GDPR
2022-12-29	SUMINISTRADOR IBERICO DE ENERGIA, S.L.	€24K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	-- Articles: Art. 6 (1) GDPR
2020-07-02	Iberdrola Clientes	€24K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with subjects' rights protection safeguards	-- Articles: Art. 5 GDPR
2023-01-02	FACTOR ENERGIA, S.A.	€24K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	-- Articles: Art. 6 (1) GDPR
2021-12-07	NBQ Technology, S.A.U.	€24K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	-- Articles: Art. 6 (1) GDPR

PreviousPage 28 of 82Next