UNIVERSIDAD A DISTANCIA DE MADRID, S.A. – €3,000 Fine (Spain, 2021)

€3,000Agencia Española de Protección de Datos29 July 2021Spain
reduced
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Spanish data protection authority fined a university for sending emails to a person who had asked for their data to be deleted. This case shows the importance of respecting people's requests to remove their data. Businesses should ensure they fully comply with data deletion requests.

What happened

The university sent promotional emails to a person after confirming their data had been deleted.

Who was affected

The affected individual was a person who requested the deletion of their data from the university's records.

What the authority found

The authority found that the university violated GDPR by not fully deleting the individual's data as requested, leading to unauthorized email marketing.

Why this matters

This case highlights the need for organizations to honor data deletion requests promptly and thoroughly. It serves as a reminder that failing to do so can result in fines and damage to reputation.

GDPR Articles Cited

Art. 17(1) GDPR

National Law Articles

Art. 21 LSSI
Spain enforcementAgencia Española de Protección de Datos actionsAll UNIVERSIDAD A DISTANCIA DE MADRID, S.A. actions
Full Legal Summary
Detailed

The Spanish DPA (AEPD) has imposed a fine on UNIVERSIDAD A DISTANCIA DE MADRID, S.A.. A data subject had filed a complaint against the distance learning university. He stated that he had requested the controller to delete all his data and prohibit its processing for any purpose. He received a confirmation, that his data had been completely deleted. Nevertheless, the data subject later received advertising from the controller by e-mail. The AEPD then imposed a fine of EUR 5,000, which was reduced to EUR 3,000 due to acknowledgement of guilt and immediate payment.

Violations (1)

Misleading Banner Messaging
critical

The cookie banner uses misleading language to trick or pressure users into accepting cookies (dark patterns).

Art. 7 GDPR

Related Enforcement Actions (0)

No other enforcement actions found for UNIVERSIDAD A DISTANCIA DE MADRID, S.A. in ES

This is the only recorded action for this entity in this jurisdiction.

Similar Cases

Enforcement actions with similar violations

Website operator

2023 · Agencia Española de Protección de Datos

€1K

Pagamastarde S.L.

2021 · Agencia Española de Protección de Datos

€3K

Marbella Resorts S.L.

2021 · Agencia Española de Protección de Datos

€4K

BANKIA, S.A.

2021 · Agencia Española de Protección de Datos

€50K

GOOGLE LLC

2025 · Commission Nationale de l'Informatique et des Libertés

€200.0M

Details

Fine Date

29 July 2021

Authority

Agencia Española de Protección de Datos

Fine Amount

€3,000

Enforcement Tracker ID

ETid-779

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. UNIVERSIDAD A DISTANCIA DE MADRID, S.A. - Spain (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: