Pagamastarde S.L. – €3,000 Fine (Spain, 2021)

€3,000Agencia Española de Protección de Datos27 April 2021Spain
reduced
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Pagamastarde S.L. continued to send SMS ads to a person even after they asked to delete their data. The Spanish data protection authority fined the company because it failed to follow the person's request due to a mistake. This case shows that businesses must respect user requests for data deletion.

What happened

Pagamastarde S.L. sent SMS advertisements despite a person's request to delete their data.

Who was affected

The person who requested their data deletion but continued to receive ads was affected.

What the authority found

The authority found that the company violated GDPR by not deleting the person's data as requested.

Why this matters

This case highlights the need for companies to have reliable processes for handling data deletion requests. It serves as a warning that failing to comply can lead to fines.

GDPR Articles Cited

AI-verified

Art. 17(1) GDPR
View original scraped data
Art. 17(1) GDPR

Original data from scraper before AI verification against source document.

National Law Articles

AI-identified

Art. 21 LSSI
Source verified 7 April 2026
articles corrected
national law identified
amount discrepancy
Spain enforcementAgencia Española de Protección de Datos actionsAll Pagamastarde S.L. actions
Full Legal Summary
Detailed

The Spanish DPA (AEPD) has imposed a fine of EUR 5,000 on Pagamastarde S.L.. A data subject had filed a complaint with the AEPD against the controller due to the fact that the controller continued to send him SMS advertisements, despite the fact that he had requested the deletion of his data and the controller had confirmed the deletion. The controller stated that the data subject's request had not been fulfilled due to a human error. The fine is composed proportionately of EUR 3,000 for a violation of Art. 17 (1) GDPR and EUR 2,000 for a violation of Art. 21 LSSI. The original fine of EUR 5,000 was reduced to EUR 3,000 due to immediate payment and admission of guilt.

Violations (1)

Misleading Banner Messaging
critical

The cookie banner uses misleading language to trick or pressure users into accepting cookies (dark patterns).

Art. 7 GDPR

Related Enforcement Actions (0)

No other enforcement actions found for Pagamastarde S.L. in ES

This is the only recorded action for this entity in this jurisdiction.

Similar Cases

Enforcement actions with similar violations

GOOGLE LLC

2025 · Commission Nationale de l'Informatique et des Libertés

€200.0M

CJEU case C-604/22 IAB Europe

2024 · Court of Justice of the European Union

BANKIA, S.A.

2021 · Agencia Española de Protección de Datos

€50K

Details

Fine Date

27 April 2021

Authority

Agencia Española de Protección de Datos

Fine Amount

€3,000

Enforcement Tracker ID

ETid-657

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Pagamastarde S.L. - Spain (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: