Alava Norte, S.L. – €4,000 Fine (Spain, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Alava Norte, a company in Spain, was fined EUR 4,000 for using excessive video surveillance. Their cameras captured public areas beyond what's necessary for security. This case shows that businesses must limit data collection to what's strictly needed for their purpose.
What happened
Alava Norte installed surveillance cameras that captured more footage than necessary, including public spaces.
Who was affected
People in public areas around the company's building who were recorded by the surveillance cameras.
What the authority found
The Spanish DPA fined the company for violating GDPR's data minimization principle by capturing unnecessary video footage.
Why this matters
This decision highlights the importance of adhering to data minimization principles, reminding businesses to evaluate their surveillance practices to ensure compliance with privacy laws.
GDPR Articles Cited
The Spanish DPA (AEPD) has fined Alava Norte, S.L. EUR 4,000. The controller had installed three 360° video surveillance cameras on the facade of one of its buildings to secure the facility. These also captured parts of the public space. The AEPD considered this to be a violation of the principle of data minimization, as such extensive video surveillance was not necessary to fulfill the purpose of the processing (security of the facility).
Related Enforcement Actions (0)
No other enforcement actions found for Alava Norte, S.L. in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
25 May 2021
Authority
Agencia Española de Protección de Datos
Fine Amount
€4,000
Enforcement Tracker ID
ETid-695
About this data
Cite as: Cookie Fines. Alava Norte, S.L. - Spain (2021). Retrieved from cookiefines.eu
Last updated: