«ΚΑΡΙΕΡΑ Α.Ε.» – €5,000 Fine (Greece, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Hellenic Data Protection Authority fined ΚΑΡΙΕΡΑ Α.Ε. for continuing to send promotional emails even after a user asked to stop. This matters because it highlights the importance of respecting user requests and managing personal data properly.
What happened
ΚΑΡΙΕΡΑ Α.Ε. failed to stop sending promotional emails after a user requested to erase their personal data.
Who was affected
A user who requested to stop receiving promotional emails from ΚΑΡΙΕΡΑ Α.Ε. was affected.
What the authority found
The authority found that the company did not effectively delete the user's data, violating GDPR rules on data erasure.
Why this matters
This case emphasizes that companies must have reliable systems in place to honor user requests for data deletion. It serves as a reminder for businesses to ensure compliance with data protection laws.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The complainant requested to stop receiving promotional emails by the company. The promotional emails didn't stop even after he followed all the directions on the company's website and even after he submitted a request of erasure of his personal data held by the company, for which he received a confirmation email stating that all his data we deleted by the company's servers. The company stated that due to technical errors and duplicate registration of the data subject's email address, the process of the deletion of the complainant's data was not successful. The personal data processed by the company were recorded electronically in a database referred to as the ‘Master Database'. All changes to personal data, such as deletions from email lists or requests submitted by data subjects are initially entered in the Master Database, and are then integrated/ copied into the individual databases that connect to the Main Database through a synchronization process which takes place automatically on a daily basis. One of these such databases linked to the Main Database is also the Email Database. Due to a technical error in the computer systems, there was a double registration of the email address of the complainant in the Email Database. This double entry error was detected and corrected immediately so as not to be repeated in the future. However, the duplicate address file remained in the E-mail Database, with the result while the first address file was deleted, the address file remained in the E-mail Database. Thus, when the complainants requested deletion from the E-mail Database using the delete / unsubscribe link, the request was recorded successfully in the Master Data Sheet, but the synchronization process failed to replace / delete the duplicate entry of the email address of the complainant in the E-mail Database. This is the reason why the complainant continued to receive emails about jobs offered by the company. After examination of the facts of the case and aft
Violations (1)
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Related Enforcement Actions (0)
No other enforcement actions found for «ΚΑΡΙΕΡΑ Α.Ε.» in GR
This is the only recorded action for this entity in this jurisdiction.
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
17 February 2021
Authority
Hellenic Data Protection Authority
Fine Amount
€5,000
GDPRhub ID
gdprhub-3519About this data
Cite as: Cookie Fines. «ΚΑΡΙΕΡΑ Α.Ε.» - Greece (2021). Retrieved from cookiefines.eu
Last updated: