Poland: erroneous risk analysis
🔗 Cybersecurity ≠ Protection of rights & freedoms: the error that costs Białystok paediatric hospital fined PLN 66,500 / ~€15,000 🇵🇱 UODO sanction :...
Read more📢 Spain, excessive data collection!
📢 Do you work in the hotel industry 🇪🇸? Is your privacy policy really up to date? 👁️ If you go to a hotel in Spain 🇪🇸 Expect to fill in a form with 4...
Read more🇸🇪 Sweden: breathalyser tests
🛳️🫧 When daily breath tests sink GDPR compliance: the WÅAB case (Sweden) Regulator: IMY (Swedish DPA)Source: IMY-2024-1520, 18 June 2025 🔍 The facts...
Read more🇫🇷 Penalty amounts
⚖️ 1. CNIL Penalties📝 No obligation to reveal how fines are calculated“The CNIL must state the legal and factual grounds for a sanction, but it is not...
Read more🇮🇹 OPT-OUT / Penalty
🇮🇹 Italy - 🏠 Estate agency penalised for unwanted calls 🔔 A reminder: a single complaint can trigger an inspection! Regulator: Il Garante (GPDP) Sour...
Read more⌛ Delay in processing requests for access rights
🔍 When emails sent to the DPO are identified as SPAM! Regulator: CNPD, Luxembourg Source: Deliberation no. 1FR/2025 of 6 January 2025 🚦 Response tim...
Read more🚦 Penalty: vulnerabilities identified by unpatched pentests
🚨 Spain, a French supermarket chain sanctioned: For failing to correct all the flaws identified by the pentests. Regulator : AEPD Source : ps-00128-2...
Read moreVideo surveillance: Use without authorization
Source : PS 0345-2024 🎯 Context: A supermarket customer complains about a refund error. An employee shows her the CCTV footage captured on her mobil...
Read more📣 A lack of confidentiality
🔎 Confidentiality broken in an internal investigation protocol = €120,000 fine. Source: PS 0505-2024 The Spanish regulator, AEPD has fined a company...
Read more📌 Data Deletion Not Effectively Implemented
📜 Data Blocking and Deletion : Breach of Article 32 of the LOPDGDD Source :PS-00176-2024 The AEPD imposed a €20,000 fine (reduced to €16,000 for e...
Read more🏦 Bank and Access
Source : PS/00477/2023 · A bank allowed unauthorized access to a joint bank account by a third party (the mother of one of the holders), withou...
Read more🍊Cookies and Commercial Prospecting 🇫🇷
📱🍪 €50 Million Fine for a French Telecom Operator 📱🍪 On November 14, 2024, the CNIL imposed a €50 million fine on a French telecom operator for displ...
Read more