Regione Lombardia – €50,000 Fine (Italy, 2025)
Regione Lombardia was fined €50,000 for mishandling employee data without proper consent mechanisms. This ruling is significant because it shows that even public institutions must follow strict data protection rules.
What happened
The Italian DPA fined Regione Lombardia for failing to comply with data protection requirements when processing employee data.
Who was affected
Employees whose personal data was processed without proper consent were affected.
What the authority found
The authority found that Regione Lombardia did not meet GDPR standards for processing personal data, particularly regarding consent and transparency.
Why this matters
This case underscores the importance of having clear consent processes for handling employee data. Organizations should review their data practices to ensure compliance with GDPR.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
The Italian DPA imposed a fine of EUR 50,000 on the Regione Lombardia. The controller tracked its employees' browser activities, including private ones, without a sufficient legal basis.
Violations (1)
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Related Enforcement Actions (1)
Other enforcement actions involving Regione Lombardia in IT
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
29 April 2025
Authority
Garante per la protezione dei dati personali
Fine Amount
€50,000
About this data
Cite as: Cookie Fines. Regione Lombardia - Italy (2025). Retrieved from cookiefines.eu
Last updated: