Unknown – €9,000 Fine (Spain, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Spanish website operator was fined EUR 9,000 for posting photos of someone without their consent and not having a privacy policy on the site. This matters because it shows that businesses must respect privacy rights and clearly communicate how they handle personal data.
What happened
A website operator published photos of a person without their consent and failed to provide a privacy statement.
Who was affected
Individuals whose photos were posted on the website without their consent.
What the authority found
The Spanish authority found the website operator violated GDPR by lacking consent for the photos and not providing a privacy policy.
Why this matters
This case highlights the importance of obtaining consent before using personal images and having a clear privacy policy. Website operators should ensure they comply with GDPR to avoid fines.
GDPR Articles Cited
The Spanish DPA (AEPD) imposed a fine of EUR 9,000 on a website operator. The controller had published photos of the data subject on its website without the consent of the data subject. Also, the website in question did not contain a privacy statement. The fine is composed as follows: EUR 5,000 for a violation of Art. 6 GDPR and EUR 4,000 for a violation of Art. 13 GDPR.
Related Enforcement Actions (5)
Other enforcement actions involving Unknown in ES
Fine
€9K
Details
Fine Date
2 March 2021
Authority
Agencia Española de Protección de Datos
Fine Amount
€9,000
Enforcement Tracker ID
ETid-574
About this data
Cite as: Cookie Fines. Unknown - Spain (2021). Retrieved from cookiefines.eu
Last updated: