Vueling Airlines – €30,000 Fine (Spain, 2019)

€30,000Agencia Española de Protección de Datos1 October 2019Spain
reduced
Fine

Vueling Airlines was fined for not allowing users to refuse cookies on its website, forcing them to accept them to browse. This is significant because it shows that companies must give users clear choices about their data. Other businesses should ensure they provide options for users to reject cookies to comply with privacy laws.

What happened

Vueling Airlines did not provide a way for users to reject cookies on their website.

Who was affected

Website visitors who were forced to accept cookies to use Vueling's site.

What the authority found

The authority found that Vueling violated GDPR by not allowing users to refuse cookies.

Why this matters

This ruling reinforces the need for companies to respect user choices regarding data collection. Businesses should review their cookie policies to ensure compliance.

GDPR Articles Cited

AI-verified

Art. 5(1)(a) GDPR
Art. 6(1) GDPR
View original scraped data
Art. 5(GDPR)
Art. 6(GDPR)

Original data from scraper before AI verification against source document.

National Law Articles

AI-identified

Art. 22.2 LSSI
Source verified 4 April 2026
articles corrected
national law identified
Spain enforcementAgencia Española de Protección de Datos actionsAll Vueling Airlines actions
Full Legal Summary
Detailed

The Spanish Data Protection Agency (AEPD) has sanctioned Vueling Airlines with 30,000 euros for not giving users the ability to refuse their cookies and force them to use them if they want to browse its website. In other words, it was not possible to browse the Vueling page without accepting their cookies. AEDP issued a sanctioning resolution for the amount of 30,000 euros, which could be reduced to 18,000 for immediate payment.

Violations (2)

No Reject Button
critical

Cookie banner does not provide a clear reject/refuse all button at the same level as the accept button.

Art. 7 GDPR

Cookies Placed Before Consent
critical

Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.

Art. 6(1) GDPR

Related Enforcement Actions (0)

No other enforcement actions found for Vueling Airlines in ES

This is the only recorded action for this entity in this jurisdiction.

Similar Cases

Enforcement actions with similar violations

Minister for Legal Protection

2022 · DPA RbOverijssel

CNIL

2019 · Court of Justice of the European Union

Details

Fine Date

1 October 2019

Authority

Agencia Española de Protección de Datos

Fine Amount

€30,000

Enforcement Tracker ID

ETid-86

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified
Cookie relevance: 100%

Cite as: Cookie Fines. Vueling Airlines - Spain (2019). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: