Iberia Lineas Aereas de Espana, S.A. Operadora Unipersonal – €20,000 Fine (Spain, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Iberia Airlines was fined €20,000 for continuing to send emails to a person who had withdrawn consent and asked for their data to be deleted. This case emphasizes the importance of respecting customer requests regarding their personal data. Businesses should ensure they have systems in place to honor such requests promptly.
What happened
Iberia Airlines kept sending emails to a person after they withdrew consent and requested data deletion.
Who was affected
The affected person who had asked Iberia to stop using their personal data.
What the authority found
The Spanish data protection authority fined Iberia €20,000 for not respecting the person's request to stop processing their data.
Why this matters
This fine underscores the need for companies to respect customer data preferences and ensure they have effective processes to stop data use when consent is withdrawn. It highlights the risks of ignoring GDPR rules on consent and data processing.
GDPR Articles Cited
Iberia continued to send e-mails to the data subject, despite the data subject had requested the withdrawal of his consent and the erasure of his personal data and that the execution of these measures had already been confirmed to him.
Related Enforcement Actions (0)
No other enforcement actions found for Iberia Lineas Aereas de Espana, S.A. Operadora Unipersonal in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
3 February 2020
Authority
Agencia Española de Protección de Datos
Fine Amount
€20,000
Enforcement Tracker ID
ETid-196
About this data
Cite as: Cookie Fines. Iberia Lineas Aereas de Espana, S.A. Operadora Unipersonal - Spain (2020). Retrieved from cookiefines.eu
Last updated: