News

Keep up to date with the latest news, events and important announcements from Stelliane.

๐Ÿ‡ฎ๐Ÿ‡น๐Ÿ›‘ Passports: massive data theft

Cybersecurity, Confidentiality & Security | 10/09/2025

๐Ÿ“‚๐Ÿšซ Data leak: high-res passport scans stolen from multiple Italian hotels!!!๐Ÿ›‚ What to do if you stayed in Italy this summer? Between June and August ...

Read more

Cookies: Council of State

Cookies & Trackers | 10/09/2025

๐Ÿ’ฅ Cookies: the post office wins in the Council of State Some cookies are exempt from consent! Reminder: The La Poste / Digiposte case before the Coun...

Read more

๐Ÿšจ Cloud & sovereignty

Data Transfers, Confidentiality & Security | 10/09/2025

โš ๏ธANSSI sets the record straightSenate report of 8 July 2025 Sources: official Senate minutes (hearing of V. Strubel), SecNumCloud v3.2 framework (AN...

Read more

๐Ÿ‘‰ Non-compliant practices

Cookies & Trackers, Legal basis | 10/09/2025

๐Ÿ›ก๏ธ CNIL: €325M for Google & €150M for SHEIN — Enforcement on cookies & consent Regulator: CNILDecision, Google: SAN 2025-004Decision, SHEIN: SAN 2025...

Read more

๐Ÿ‡ช๐Ÿ‡ธ ๐Ÿšซ ๐Ÿ”€ No misuse of purpose

Legal basis | 10/09/2025

๐Ÿšจ โŒ AEPD – No illegal data repurposing: €1,200 penalty after acknowledgment of responsibility Regulator: AEPDDecision: PS-00181-2025, 2025-09-01 An ...

Read more

๐Ÿ”’ HR & Facebook

Legal basis | 18/07/2025

HR teams: stop mining employees’ Facebook posts. ๐Ÿ”Ž Autostrade per l’Italia fined €420,000 for… “screening” an employee’s Facebook ๐Ÿ‡ฎ๐Ÿ‡น Regulator: GPDP ...

Read more

Poland: erroneous risk analysis

Cybersecurity, Regulated Sectors | 18/07/2025

๐Ÿ”— Cybersecurity ≠ Protection of rights & freedoms: the error that costs Białystok paediatric hospital fined PLN 66,500 / ~€15,000 ๐Ÿ‡ต๐Ÿ‡ฑ UODO sanction :...

Read more

๐Ÿ“š TOS update

Data Transfers, Legal basis | 18/07/2025

๐Ÿšš๐Ÿ“ฆ WeTransfer: when a simple TOS update raises an GDPR tsunami On 15 July, WeTransfer discreetly slipped the following statement into its new TOS: ‘W...

Read more

โš ๏ธ Access request not handled in time!

Data Subject Rights, Regulated Sectors | 18/07/2025

๐Ÿšจ๐Ÿ‡ฎ๐Ÿ‡น Hard Drive Failure + Ignored Access Request = €2,000 Fine for Tirrenia Hospital Srl ๐Ÿš‘๐Ÿ’พ Regulator: GPDP (Italian DPA)Decision: 1...

Read more

๐Ÿ“ข Spain, excessive data collection!

Data Subject Rights, Retention & Minimisation, Legal basis | 08/07/2025

๐Ÿ“ข Do you work in the hotel industry ๐Ÿ‡ช๐Ÿ‡ธ? Is your privacy policy really up to date? ๐Ÿ‘๏ธ If you go to a hotel in Spain ๐Ÿ‡ช๐Ÿ‡ธ Expect to fill in a form with 4...

Read more

๐Ÿ‡ธ๐Ÿ‡ช Sweden: breathalyser tests

Retention & Minimisation, Legal basis | 30/06/2025

๐Ÿ›ณ๏ธ๐Ÿซง When daily breath tests sink GDPR compliance: the WÅAB case (Sweden) Regulator: IMY (Swedish DPA)Source: IMY-2024-1520, 18 June 2025 ๐Ÿ” The facts...

Read more

๐Ÿ‡ซ๐Ÿ‡ท Penalty amounts

Tools & Documentation | 26/06/2025

โš–๏ธ 1. CNIL Penalties๐Ÿ“ No obligation to reveal how fines are calculated“The CNIL must state the legal and factual grounds for a sanction, but it is not...

Read more

Explore all our areas of expertise:

Governance and Strategy Data Quality MDM / PIM Compliance
]]>