HUBSIDE.STORE – €525,000 Fine (France, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
HUBSIDE.STORE was fined for misleading customers about how their data would be used for marketing. This is important because it shows that businesses must be clear and honest about data collection practices. Companies should review their messaging to ensure it complies with privacy laws.
What happened
HUBSIDE.STORE misled users with unclear messaging about consent for marketing communications.
Who was affected
Individuals who received marketing communications from HUBSIDE.STORE without proper consent were affected.
What the authority found
The French DPA found that HUBSIDE.STORE did not adequately inform users about how their data would be used, violating multiple GDPR articles.
Why this matters
This ruling emphasizes the need for clear communication regarding data use. Businesses should ensure their consent mechanisms are transparent to avoid hefty fines.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
HUBSIDE.STORE (“controller”) has stores in France, Belgium, Spain, Portugal and Italy. In France, the controller carried out canvassing campaigns by telephone and SMS from prospect files purchased from two main data brokers, in order to promote the products it sold. The French DPA (“CNIL”) carried out an inspection at the controller’s premises in order to verify compliance with the GDPR and French Data Protection Act. During this inspection, the CNIL discovered that, regarding commercial prospecting by SMS, the controller carried out these operations using prospect files purchased from data suppliers. These data suppliers collected the data of the persons concerned via entry forms for online competitions, in order to enable their partners to use them in their commercial prospecting. The CNIL indicated that the forms accessible on the websites of the data suppliers were similar: beneath the fields enabling the person to enter their contact details was a “VALIDATE”, “I VALIDATE” or “I ANSWER QUESTIONS TO APPLY” button. Above or below this button, a text specified that by clicking on the button, the data subject declares that they have read the controller’s privacy policy and accepts that the data collected will be used to send them offers from the company’s partners. Hyperlinks were provided to access the privacy policy and the list of partners concerned. At the end of the text, it specified that if the data subject wishes to continue without receiving offers from the controller’s partners, they can click on a link in the text (“click here”). The CNIL also pointed out that the form contains a hypertext link to a nominative lust of partners and not to categories of partners. However, the list did not mention HUBSIDE.STORE. The controller also provided the CNIL with recordings of canvassing calls that they sent to Belgium in order to promote its stores there. The CNIL found that during these calls, the data subjects were only informed that the call had been recorded a
Violations (1)
The cookie banner uses misleading language to trick or pressure users into accepting cookies (dark patterns).
Art. 7 GDPR
Related Enforcement Actions (0)
No other enforcement actions found for HUBSIDE.STORE in FR
This is the only recorded action for this entity in this jurisdiction.
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
4 April 2024
Authority
Commission Nationale de l'Informatique et des Libertés
Fine Amount
€525,000
About this data
Cite as: Cookie Fines. HUBSIDE.STORE - France (2024). Retrieved from cookiefines.eu
Last updated: