IBERIA LÍNEAS AÉREAS DE ESPAÑA, S.A. OPERADORA UNIPERSONAL – €30,000 Fine (Spain, 2020)

€30,000Agencia Española de Protección de Datos16 October 2020Spain
final
ePrivacy
Fine

Iberia was fined 30,000 euros for not allowing website users to reject cookies and for placing cookies without consent. The Spanish DPA found that the airline's cookie information was unclear and misleading. This case highlights the need for clear cookie consent options on websites.

What happened

Iberia was fined for not providing an option to reject cookies and for placing cookies without user consent.

Who was affected

Website visitors who were forced to accept cookies to continue browsing Iberia's site.

What the authority found

The Spanish DPA ruled that Iberia violated cookie consent rules by not allowing users to reject cookies and by providing misleading information.

Why this matters

This case emphasizes the importance of transparent cookie practices. Website operators should ensure users can easily reject cookies and receive clear information about their use.

National Law Articles

Article 22(2) LSSI
Spain enforcementAgencia Española de Protección de Datos actionsAll IBERIA LÍNEAS AÉREAS DE ESPAÑA, S.A. OPERADORA UNIPERSONAL actions
Full Legal Summary
Detailed

Iberia's website lacked a reject option for cookies, placed cookies before obtaining consent, and provided incomplete and misleading cookie information.

Violations (5)

No Reject Button
critical

Cookie banner does not provide a clear reject/refuse all button at the same level as the accept button.

Art. 7 GDPR

Cookies Placed Before Consent
critical

Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.

Art. 6(1) GDPR

Third-Party Cookies Without Consent
critical

Third-party tracking cookies or scripts are loaded without obtaining prior user consent.

Art. 13, 14 GDPR

Unclear Cookie Information
high

The cookie banner or cookie policy provides vague, incomplete, or unclear information about what cookies are used and why.

Art. 12, 13 GDPR

Misleading Banner Messaging
critical

The cookie banner uses misleading language to trick or pressure users into accepting cookies (dark patterns).

Art. 7 GDPR

Related Enforcement Actions (0)

No other enforcement actions found for IBERIA LÍNEAS AÉREAS DE ESPAÑA, S.A. OPERADORA UNIPERSONAL in ES

This is the only recorded action for this entity in this jurisdiction.

Similar Cases

Enforcement actions with similar violations

unknown (claimant)

2021 · DPA OLGWien

Azienda USL della Romagna

2021 · Garante per la protezione dei dati personali

€50K

Ramona Films, S.L.

2022 · Agencia Española de Protección de Datos

€8K

CNIL

2019 · Court of Justice of the European Union

Minister for Legal Protection

2022 · DPA RbOverijssel

Details

Fine Date

16 October 2020

Authority

Agencia Española de Protección de Datos

Fine Amount

€30,000

GDPRhub ID

gdprhub-3698

Sources

About this data

Data: GDPRhub (noyb.eu)
Licensed under CC BY-NC-SA 4.0
AI-verified and classified
Cookie relevance: 100%

Cite as: Cookie Fines. IBERIA LÍNEAS AÉREAS DE ESPAÑA, S.A. OPERADORA UNIPERSONAL - Spain (2020). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: