Iberdrola Clientes – €80,000 Fine (Spain, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Iberdrola Clientes was fined for making changes to a customer's contracts and sharing their personal data without permission. This is important because it shows companies must have a proper legal basis before processing personal data. The fine highlights the need for businesses to respect customer privacy rights under GDPR.
What happened
Iberdrola Clientes processed and shared a customer's personal data without a legal basis.
Who was affected
The affected individuals were customers whose contracts were altered and data shared without consent.
What the authority found
The AEPD fined Iberdrola Clientes for lacking a valid legal basis for processing personal data, violating GDPR's requirements.
Why this matters
This case emphasizes that companies must ensure they have a valid legal basis before processing or sharing personal data. It serves as a reminder for businesses to review their data handling practices to comply with privacy laws.
GDPR Articles Cited
Iberdola Clientes, an electricity company, terminated the data subject's contract without its consent, concluded three new contracts with the data subject, processed his personal data unlawfully and transferred the plaintiff's personal data to a third party without legal basis. In addition to this fine the AEPD also imposed another fine in the amount of EUR 50.000 under the old Spanish Data Protection Law.
Related Enforcement Actions (4)
Other enforcement actions involving Iberdrola Clientes in ES
Fine
€80K
Details
Fine Date
14 February 2020
Authority
Agencia Española de Protección de Datos
Fine Amount
€80,000
Enforcement Tracker ID
ETid-209
About this data
Cite as: Cookie Fines. Iberdrola Clientes - Spain (2020). Retrieved from cookiefines.eu
Last updated: