EDICIONES CATÓLICOS Y VIDA PÚBLICA, S.L.U. – €3,000 Fine (Spain, 2025)
A Spanish website owner was fined €3,000 for using cookies without getting users' consent first. The website installed tracking cookies even when users rejected them. This ruling serves as a reminder for website operators to ensure they follow cookie consent regulations to avoid penalties.
What happened
EDICIONES CATÓLICOS Y VIDA PÚBLICA, S.L.U. was fined for placing cookies on users' devices without prior consent.
Who was affected
Website visitors who had their browsing data tracked without consent due to the improper use of cookies.
What the authority found
The Spanish data protection authority found that the website violated ePrivacy laws by not obtaining proper consent before placing cookies.
Why this matters
This case underscores the importance of obtaining user consent for cookies. Website operators should review their cookie policies to ensure compliance with regulations.
National Law Articles
The controller is the website owner of EDICIONES CATÓLICOS Y VIDA PÚBLICA, S.L.U. On 3 September, 2024, a data subject filed a complaint against the controller. According to the complaint, the controller used non-technicalThe Spanish DPA uses the expression "technical cookies" in reference to all cookies that fall under either of the two exemptions of Article 5(3) ePrivacy Directive. In other words: technical cookies are needed to make the communication possible over the network, or (more likely) are strictly necessary in order to provide an information society service explicitly requested by the subscriber or user. and unnecessary cookies without the user's prior consent. The controller argued that the website's cookie policy was in accordance with the current regulations. Furthermore, the controller claimed that consent could be managed and revoked through their website; for the technical cookies no consent was required. The DPA started an investigation on 8 January 2025 and found that cookies were installed regardless of whether the user interacted with the website. Furthermore, cookies remained installed after users revoked or rejected all prior consent. The DPA found a breach of the national ePrivacy implementation law (LSSI)Law 34/2002, of July 11, on information society services and electronic commerce (Ley 34/2002, de 11 de julio, de servicios de la sociedad de la información y de comercio electrónico). [https://www.boe.es/buscar/act.php?id=BOE-A-2002-13758#a22 Article 22.2 LSSI] on the installation of cookies before the user's consent. The exemptions under this Article apply to cookies with technical functions. However, non-technical cookies were used without the user's prior consent. Furthermore, it was impossible to reject them, as they do not disappear after revoking or rejecting all consents. The DPA decided this infraction was minor based on Article [https://www.boe.es/buscar/act.php?id=BOE-A-2002-13758#a38 38(4)(g) LSSI]. According to the criteria o
Violations (2)
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Tracking cookies remain active or are re-placed even after the user explicitly rejects them.
Art. 6(1) GDPR
Related Enforcement Actions (0)
No other enforcement actions found for EDICIONES CATÓLICOS Y VIDA PÚBLICA, S.L.U. in ES
This is the only recorded action for this entity in this jurisdiction.
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
30 June 2025
Authority
Agencia Española de Protección de Datos
Fine Amount
€3,000
GDPRhub ID
gdprhub-9420About this data
Cite as: Cookie Fines. EDICIONES CATÓLICOS Y VIDA PÚBLICA, S.L.U. - Spain (2025). Retrieved from cookiefines.eu
Last updated: