Company – €2,100 Fine (Luxembourg, 2022)

€2,100Commission Nationale pour la Protection des Données13 December 2022Luxembourg
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Luxembourg's data protection authority fined a company €2,100 for not giving clear information about how it processes personal data. This matters because businesses must communicate transparently with users about their data practices. The fine highlights the importance of being clear and accessible when sharing data processing details.

What happened

A company failed to provide clear and accessible information about its data processing practices.

Who was affected

Citizens using the company's online services who were not informed about how their data was handled.

What the authority found

The authority found that the company violated GDPR by not providing concise and intelligible information about data processing.

Why this matters

This case emphasizes that companies must ensure transparency in their data practices. It serves as a reminder for all businesses to review their privacy notices and make them user-friendly.

GDPR Articles Cited

AI-verified

Art. 13(GDPR)
Art. 12(1) GDPR
View original scraped data
Art. 12(1) GDPR
Art. 13(GDPR)

Original data from scraper before AI verification against source document.

Source verified 16 March 2026
articles corrected
Luxembourg enforcementCommission Nationale pour la Protection des Données actionsAll Company actions
Full Legal Summary
Detailed

The DPA of Luxembourg has imposed a fine of EUR 2,100 on a company that provides online services to citizens. During its investigation, the DPA found that the company had not provided information about data processing in a concise, transparent, intelligible and easily accessible form. The DPA considered this to be a violation of Art. 12 (1) GDPR. Furthermore the DPA found that the controller failed to provide the data subjects sufficient information on the processing of personal data, therefore violating Art. 13 GDPR.

Related Enforcement Actions (8)

Other enforcement actions involving Company in LU

Fine
Oct 2021· Commission Nationale pour la Protection des Données

The DPA of Luxembourg has imposed a fine of EUR 18,700 on a company. During its investigation, the DPA first found that the controller's public websit...

€19K
Fine
Jun 2022· Commission Nationale pour la Protection des Données

The DPA of Luxembourg (CNPD) has imposed a fine of EUR 3,000 on a company. The company had installed a video surveillance system for the purpose of pr...

€3K
Fine
Jun 2022· Commission Nationale pour la Protection des Données

The DPA of Luxembourg (CNPD) has imposed a fine of EUR 1,400 on a company. The controller had installed location sensors on a number of cars in its fl...

€1K
Fine
Jul 2022· Commission Nationale pour la Protection des Données

The DPA of Luxembourg (CNPD) has imposed a fine of EUR 10,000 on a company. The company had installed a video surveillance system for the purpose of p...

€10K
Fine
Dec 2022· Commission Nationale pour la Protection des Données

The DPA of Luxembourg has imposed a fine of EUR 700 on a company that provides online services to citizens. During its investigation, the DPA found th...

€700
Fine
Dec 2022· Commission Nationale pour la Protection des Données

The DPA of Luxembourg has imposed a fine of EUR 1,400 on a company that provides online services to citizens. During its investigation, the DPA found ...

€1K
Current
Dec 2022

Fine

€2K

Fine
Nov 2024· Commission Nationale pour la Protection des Données

The DPA of Luxembourg has issued a fine of EUR 2,300 on a company, that is active in the retail sale of telecommunication equipement in specialised st...

€2K
Fine
Apr 2025· Commission Nationale pour la Protection des Données

The DPA of Luxembourg has issued a fine of EUR 7,000 on a company. The controller failed to maintain complete records of its processing activities.

€7K

Details

Fine Date

13 December 2022

Authority

Commission Nationale pour la Protection des Données

Fine Amount

€2,100

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Company - Luxembourg (2022). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: