Search Privacy Fines

Browse and filter privacy enforcement fines worldwide.

← Back to Overview

Regulation

Country

Year

Min Fine (USD)

Sort

2,028 fines found

Total: $8.1B

Date	Company	Fine	Regulation	Authority	Country	Type	Summary
2020-02-14	Colegio Arenales Carabanchel	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	-- Articles: Art. 6 GDPR
2022-07-29	ESTUDIOS EUROPEOS DE POSTGRADO Y EMPRESA, S.L.	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Failure to implement sufficient measures to ensure information	-- Articles: Art. 5 (1) f) GDPR, Art. 32 (1) GDPR
2020-01-09	Vodafone Espana	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-cooperation with Data Protection Authority	-- Articles: Art. 58 GDPR
2020-04-23	Telekom Romania Communications SA	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 GDPR
2022-01-12	SERVICIOS INTEGRALES DEL HOGAR TENERIFE, S.L.	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	-- Articles: Art. 6 (1) GDPR
2022-09-23	Private individual	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Failure to comply with data processing principles	-- Articles: Art. 5 (1) c) GDPR, Art. 13 GDPR
2021-11-22	Unknown company	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with subjects' rights protection safeguards	-- Articles: Art. 13 GDPR
2021-11-23	Fuensanta S.L.	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-cooperation with Data Protection Authority	-- Articles: Art. 58 (1) GDPR
2022-11-25	OTP Leasing Romania IFN SA	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 25 (1) GDPR, Art. 32 (1) b) GDPR, Art. 32 (2) GDPR
2020-03-25	Enel Energie	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 GDPR
2022-04-28	Comune di Monte Sant’Angelo	€3K	GDPR	Italian Data Protection Authority (Garante)	Italy	Failure to comply with data processing principles	-- Articles: Art. 5 (1) a) GDPR, Art. 6 (1) e) GDPR, Art. 17 GDPR, Art. 2-ter Codice della privacy
2022-01-11	Property Owner Community	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) c) GDPR
2023-04-07	REGENCY COMPANY SRL	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to comply with data processing principles	-- Articles: Art. 5 (1) a), b), c) GDPR, Art. 6 GDPR
2022-12-29	ADENET SYSTEMS, S.L.	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Insufficient data processing agreement	-- Articles: Art. 58 (1) GDPR
2023-02-28	CITIZENGO FOUNDATION	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Insufficient legal basis for data processing	-- Articles: Art. 7 GDPR
2019-07-05	Legal Company & Tax Hub SRL	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	The company had not imposed sufficient security measures, which led to the unaut... The company had not imposed sufficient security measures, which led to the unauthorized access of personal information related to the people who had made transactions with the website avocatoo.ro. This information includes names, emails, phone numbers, jobs, surnames, mailing addresses, and transaction details). Documents dated 10th of November 2018 – 1st of February 2019 had become publicly accessible to anyone. The company was sanctioned following a notification by the National Supervisory Authority when transaction details were publicly accessible via two links. Articles: Art. 32 GDPR
2020-04-23	Estee Lauder Romania	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to comply with data processing principles	-- Articles: Art. 6 GDPR, Art. 7 GDPR, Art. 9 GDPR
2022-01-20	Kaufland România SCS	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with subjects' rights protection safeguards	-- Articles: Art. 15 (3) GDPR
2022-09-22	Gas station	€3K	GDPR	Hellenic Data Protection Authority (HDPA)	Greece	Non-compliance with subjects' rights protection safeguards	-- Articles: Art. 12 GDPR, Art. 14 GDPR
2020-03-25	eMag - Dante International	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with lawful basis for data processing	-- Articles: Art. 6 GDPR, Art. 21 GDPR
2022-09-15	Thiene Municipality	€3K	GDPR	Italian Data Protection Authority (Garante)	Italy	Failure to comply with data processing principles	-- Articles: Art. 5 (1) a), c) GDPR, Art. 6 GDPR, Art. 2-ter Codice della privacy
2020-02-14	Colegio Arenales Carabanchel	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	The Spanish Data Protection Authority explained that the school had transferred ... The Spanish Data Protection Authority explained that the school had transferred pictures of students to third parties who then posted those pictures online. Articles: Art. 6 GDPR
2021-07-29	Community of San Giorgio Jonico	€3K	GDPR	Italian Data Protection Authority (Garante)	Italy	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 GDPR, Art. 6 GDPR
2022-12-20	Private individual	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	-- Articles: Art. 6 (1) GDPR
2022-06-29	Pediatric psychologist	€3K	GDPR	Hellenic Data Protection Authority (HDPA)	Greece	Non-cooperation with Data Protection Authority	-- Articles: Art. 31 GDPR

PreviousPage 55 of 82Next