Search Privacy Fines

Browse and filter privacy enforcement fines worldwide.

← Back to Overview

Regulation

Country

Year

Min Fine (USD)

Sort

2,028 fines found

Total: $8.1B

Date	Company	Fine	Regulation	Authority	Country	Type	Summary
2022-12-07	Retailer	€3K	GDPR	Croatian Data Protection Authority (AZOP)	Croatia	Insufficient fulfilment of information obligations	-- Articles: Art. 27 (2) Croatian Act on the Implementation of the GDPR
2021-05-12	Unknown	€3K	GDPR	National Commission for Data Protection (CNPD)	Luxembourg	Failure to comply with data processing principles	-- Articles: Art. 5 (1) c) GDPR, Art. 13 GDPR
2020-02-20	L.E. EOOD	€3K	GDPR	Data Protection Commission of Bulgaria (KZLD)	Bulgaria	Non-compliance with lawful basis for data processing	-- Articles: Art, 25 (1) GDPR, Art. 32 GDPR, Art. 6 GDPR
2020-02-20	T.K. EOOD	€3K	GDPR	Data Protection Commission of Bulgaria (KZLD)	Bulgaria	Non-compliance with lawful basis for data processing	-- Articles: Art. 25 (1) GDPR, Art. 32 GDPR
2022-08-23	Company	€3K	GDPR	Belgian Data Protection Authority (APD)	Belgium	Failure to comply with data processing principles	-- Articles: Art. 5 (1) d) GDPR, Art. 5 (2) GDPR, Art. 24 (1) GDPR, Art. 32 (1), (2) GDPR
2020-02-14	Grupo Valsor Y Losan	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) f) GDPR
2022-01-01	Unknown	€3K	GDPR	Data Protection Commissioner of Malta	Malta	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 24 (2) GDPR, Art. 32 (1) (b) GDPR, Art. 32 (4) GDPR
2020-01-01	Unknown	€3K	GDPR	Data Protection Commissioner of Malta	Malta	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 (1) b) GDPR
2022-02-18	Private person	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Failure to comply with data processing principles	-- Articles: Art. 5 (1) c) GDPR, Art. 13 GDPR
2019-10-17	UTTIS INDUSTRIES	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Information obligation non-compliance	-- Articles: Art. 12 GDPR, Art. 13 GDPR, Art. 5 (1) c) GDPR, Art. 6 GDPR
2022-04-28	“Isabella Gonzaga” high school	€3K	GDPR	Italian Data Protection Authority (Garante)	Italy	Failure to comply with data processing principles	-- Articles: Art. 5 GDPR, Art. 6 GDPR, Art. 9 GDPR, Art. 2-ter Codice della privacy, Art. 2-sexties Codice della privacy
2022-05-18	Azienda sanitaria locale di Bari	€3K	GDPR	Italian Data Protection Authority (Garante)	Italy	Failure to comply with data processing principles	-- Articles: Art. 5 (1) a), c), f) GDPR, Art. 9 GDPR, Art. 25 (1), (2) GDPR
2020-01-01	Unknown	€3K	GDPR	Data Protection Commissioner of Malta	Malta	Failure to comply with data processing principles	-- Articles: Art. 5 (1) f) GDPR, Art. 32 (1) b) GDPR
2022-10-11	Azienda Sanitaria Locale di Brindisi	€3K	GDPR	Italian Data Protection Authority (Garante)	Italy	Insufficient fulfilment of data subjects rights	-- Articles: Art. 12 (3) GDPR, Art. 15 GDPR
2019-11-29	Royal President S.R.L.	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Information obligation non-compliance	-- Articles: Art. 12 GDPR, Art. 15 GDPR
2019-10-17	UTTIS INDUSTRIES	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Information obligation non-compliance	A controller was sanctioned because he had unlawfully processed the personal dat... A controller was sanctioned because he had unlawfully processed the personal data (CNP), and images of employees obtained through the surveillance system. The disclosure of the CNP in a report for the ISCIR training in 2018 wasn’t legal, as per Art.6 GDPR. Articles: Art. 12 GDPR, Art. 13 GDPR, Art. 5 (1) c) GDPR, Art. 6 GDPR
2019-11-29	Royal President S.R.L.	€3K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Information obligation non-compliance	The pension Royal President near Bucharest was fined €2,500 after it refused to ... The pension Royal President near Bucharest was fined €2,500 after it refused to process a request for the exercise of the right of access. The Romanian Data Processing Authority also determined that customers’ personal data was not processed in accordance with GDPR principles. Articles: Art. 12 GDPR, Art. 15 GDPR
2022-12-13	Company	€3K	GDPR	National Commission for Data Protection (CNPD)	Luxembourg	Non-compliance with lawful basis for data processing	-- Articles: Art. 12 (1) GDPR
2019-02-05	Private individual	€3K	GDPR	Data Protection Authority of Sachsen-Anhalt	Germany	Non-compliance with lawful basis for data processing	A private person sent several emails containing the email addresses of several s... A private person sent several emails containing the email addresses of several subjects, and each subject could see other recipients of that email. In the person’s mailing list, more than 131 email addresses had been found. He was accused of ten such offenses. Articles: Art. 6 GDPR, Art. 5 GDPR
2020-02-14	Grupo Valsor Y Losan	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	The company had disclosed the third party data of a client during a property pur... The company had disclosed the third party data of a client during a property purchase agreement. Articles: Art. 5 (1) f) GDPR
2019-02-05	Private individual	€3K	GDPR	Data Protection Authority of Sachsen-Anhalt	Germany	Non-compliance with lawful basis for data processing	-- Articles: Art. 6 GDPR, Art. 5 GDPR
2020-01-01	Unknown	€3K	GDPR	Data Protection Commissioner of Malta	Malta	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 (1) b) GDPR
2022-07-26	Homeowners Association	€3K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Failure to comply with data processing principles	-- Articles: Art. 5 (1) f) GDPR
2021-05-12	Unknown	€2K	GDPR	National Commission for Data Protection (CNPD)	Luxembourg	Failure to comply with data processing principles	-- Articles: Art. 5 (1) c) GDPR
2022-01-14	Pharma Talents, SLU	€2K	GDPR	Spanish Data Protection Authority (AEPD)	Spain	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) f) GDPR, Art. 32 GDPR

PreviousPage 57 of 82Next