Orange Espagne S.A.U. – €80,000 Fine (Spain, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Orange Espagne opened phone lines in a customer's name without their permission, which is a form of fraud. This matters because it shows the importance of protecting personal information and ensuring companies verify who they are dealing with. The company was fined €80,000 for not following the rules about consent.
What happened
Orange Espagne processed personal data without the customer's consent when multiple phone lines were fraudulently opened in their name.
Who was affected
The customer whose identity was used to open the fraudulent phone lines was affected.
What the authority found
The Spanish data protection authority ruled that Orange Espagne failed to ensure it had the legal basis to process the customer's data, violating GDPR's consent requirements.
Why this matters
This case highlights the need for companies to take extra care in verifying customer identities to avoid fraud. It sets a precedent that companies can be held accountable for negligence in protecting personal data.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The company had unlawfully activated several telephone line contracts using the personal data of a data subject. This constituted an unlawful processing operation, since the data of the data subject was entered into the company's database and processed there without a legitimate legal basis.
Related Enforcement Actions (2)
Other enforcement actions involving Orange Espagne S.A.U. in ES
Fine
€80K
Details
Fine Date
20 July 2020
Authority
Agencia Española de Protección de Datos
Fine Amount
€80,000
Enforcement Tracker ID
ETid-349
About this data
Cite as: Cookie Fines. Orange Espagne S.A.U. - Spain (2020). Retrieved from cookiefines.eu
Last updated: