Search Privacy Fines

Browse and filter privacy enforcement fines worldwide.

← Back to Overview

2,028 fines found

Total: $8.1B

DateCompanyFineRegulationAuthorityCountryTypeSummary
2022-11-24STS Di Prisinzano s.r.l.€1KGDPRItalian Data Protection Authority (Garante)ItalyFailure to comply with data processing principles
--

Articles: Art. 5 (1) a) GDPR, Art. 13 GDPR

2022-11-24Private individual€1KGDPRItalian Data Protection Authority (Garante)ItalyFailure to comply with data processing principles
--

Articles: Art. 5 GDPR, Art. 6 GDPR, Art. 9 GDPR, Art. 32 GDPR, Art. 2-septies (8) Codice della privacy

2023-01-31Dent Estet Clinic SA€1KGDPRRomanian National Supervisory Authority for Personal Data Processing (ANSPDCP)RomaniaFailure to notify DPA of a data breach
--

Articles: Art. 33 GDPR

2022-11-09SC Das Sense Society SRL€1KGDPRRomanian National Supervisory Authority for Personal Data Processing (ANSPDCP)Romania Non-cooperation with Data Protection Authority
--

Articles: Art. 58 (1) GDPR

2021-11-15Private individual€1KGDPRSpanish Data Protection Authority (AEPD)SpainNon-compliance with lawful basis for data processing
--

Articles: Art. 5 (1) c) GDPR

2022-02-07Café Operator€1KGDPRSpanish Data Protection Authority (AEPD)SpainNon-compliance with lawful basis for data processing
--

Articles: Art. 5 (1) c) GDPR

2022-02-01SC Grupex 2000 SRL€1KGDPR Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)RomaniaFailure to comply with data processing principles
--

Articles: Art. 6 GDPR, Art. 9 GDPR

2022-01-13A.S.L. Napoli 1 Centro€1KGDPRItalian Data Protection Authority (Garante)ItalyNon-compliance with lawful basis for data processing
--

Articles: Art. 5 GDPR, Art. 6 GDPR, Art. 2-ter Codice della privacy

2021-12-16Universita Telematica Internazionale Uninettuno €1KGDPRItalian Data Protection Authority (Garante)ItalyNon-compliance with lawful basis for data processing
--

Articles: Art. 5 (1) c) GDPR

2022-08-29Alpha Bank Romania SA€1KGDPRRomanian National Supervisory Authority for Personal Data Processing (ANSPDCP)RomaniaNon-compliance with subjects' rights protection safeguards
--

Articles: Art. 29 GDPR, Art. 32 (1) b) GDPR, Art. 32 (2), (4) GDPR

2022-08-16Farpa s.r.l.€1KGDPRItalian Data Protection Authority (Garante)ItalyFailure to comply with data processing principles
--

Articles: Art. 5 (1) a) GDPR, Art. 13 GDPR, Art. 88 GDPR, Art. 114 Codice della privacy

2022-04-18IKEA România S.R.L.€1KGDPRRomanian National Supervisory Authority for Personal Data Processing (ANSPDCP)RomaniaNon-compliance with subjects' rights protection safeguards
--

Articles: Art. 12 (3) GDPR

2022-02-02Café Operator€1KGDPRNational Commission for Data Protection (CNPD)LuxembourgFailure to comply with data processing principles
--

Articles: Art. 5 (1) c) GDPR, Art. 13 GDPR

2022-06-20SC Interactions Marketing SRL€1KGDPRRomanian National Supervisory Authority for Personal Data Processing (ANSPDCP)RomaniaFailure to implement sufficient measures to ensure information security
--

Articles: Art. 32 (1) b) GDPR

2022-02-21Store owner€1KGDPRSpanish Data Protection Authority (AEPD)SpainNon-compliance with subjects' rights protection safeguards
--

Articles: Art. 13 GDPR

2022-02-22Civil law firm “Sabou, Burz & Cuc”€1KGDPRRomanian National Supervisory Authority for Personal Data Processing (ANSPDCP)RomaniaNon-compliance with lawful basis for data processing
--

Articles: Art. 5 (1) a), b), c), f) GDPR, Art. 5 (2) GDPR, Art. 6 GDPR

2023-01-31Dentist€1KGDPRRomanian National Supervisory Authority for Personal Data Processing (ANSPDCP)RomaniaNon-compliance with lawful basis for data processing
--

Articles: Art. 6 (1) a) GDPR, Art. 9 (2) a) GDPR

2022-01-13Villa Masi Residenza per anziani€1KGDPRItalian Data Protection Authority (Garante)ItalyNon-compliance with subjects' rights protection safeguards
--

Articles: Art. 13 GDPR

2022-12-20Private Individual€1KGDPRSpanish Data Protection Authority (AEPD)SpainFailure to comply with data processing principles
--

Articles: Art. 5 (1) c) GDPR

2020-10-29American College of Greece€1KGDPRHellenic Data Protection Authority (HDPA)GreeceNon-compliance with subjects' rights protection safeguards
--

Articles: Art. 12 (3), (4) GDPR

2021-07-01Unknown€1KGDPRSpanish Data Protection Authority (AEPD)SpainFailure to comply with data processing principles
--

Articles: Art. 6 (1) GDPR

2021-10-04Store owner€1KGDPRSpanish Data Protection Authority (AEPD)SpainInformation obligation non-compliance
--

Articles: Art. 13 GDPR

2023-02-01Tensa Art Design SA€1KGDPRRomanian National Supervisory Authority for Personal Data Processing (ANSPDCP)RomaniaInsufficient fulfilment of data subjects rights
--

Articles: Art. 21 (3) GDPR

2023-01-18Dante Internațional SA€1KGDPRRomanian National Supervisory Authority for Personal Data Processing (ANSPDCP)RomaniaInformation obligation non-compliance
--

Articles: Art. 17 GDPR

1970-01-01Individual entrepreneur€980GDPRCzech Data Protection Authority (UOOU)Czech RepublicFailure to implement sufficient measures to ensure information security
An online game operator was exposed to a DDoS attack that led to the malfunction...

An online game operator was exposed to a DDoS attack that led to the malfunctioning of the game serves. The attackers blackmailed the operator into paying money for the attacks to stop. As part of the “deal”, the attackers offered the operator to create and implement a better firewall protection system that would prevent any future attacks from other parties. The operator agreed to this “deal”. The game operator then implemented the new code which indeed proved to be better than the old one used but – let’s be honest, unsurprisingly – also included a backdoor that allowed the attacker to steal all the data that was on the server which included player details and personal information. The attacker uploaded this information on their website after that.

Articles: Art. 32 GDPR

PreviousPage 70 of 82Next