Università Telematica e-Campus – €50,000 Fine (Italy, 2026)

€50,000Garante per la protezione dei dati personali29 January 2026Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Università Telematica e-Campus was fined €50,000 for using a facial recognition system to track attendance in online classes without proper legal grounds. This matters because it shows that companies must have a valid reason to collect personal data, especially sensitive information like facial images.

What happened

The Italian DPA fined Università Telematica e-Campus for using facial recognition to control attendance without a valid legal basis.

Who was affected

Students attending online classes at Università Telematica e-Campus were affected by the facial recognition tracking.

What the authority found

The authority found that the university did not have a sufficient legal basis for processing personal data, violating GDPR principles.

Why this matters

This case highlights the importance of having a clear legal reason for processing personal data. It serves as a warning for educational institutions and other companies to ensure compliance with data protection rules.

GDPR Articles Cited

AI-verified

Art. 25(GDPR)
Art. 5(1)(c) GDPR
Art. 6(1)(c) GDPR
Art. 9(1)(g) GDPR
View original scraped data
Art. 5(1) c) GDPR
e) GDPR
Art. 6(1) c) GDPR
e)
(2)
(3) GDPR
Art. 9(1) g) GDPR
Art. 25(GDPR)

Original data from scraper before AI verification against source document.

Source verified 14 April 2026
articles corrected
national law identified
Italy enforcementGarante per la protezione dei dati personali actionsAll Università Telematica e-Campus actions
Full Legal Summary
Detailed

The Italian DPA has imposed a fine of EUR 50,000 on Università Telematica e-Campus. The controller used facial recognistion system to controll the attendance in online classes, but failed to base the processing on a sufficient legal basis. Additionally the processor failed to comply with the prinicples of data minimisation, storage limitiation and data protection by default.

Related Enforcement Actions (0)

No other enforcement actions found for Università Telematica e-Campus in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

29 January 2026

Authority

Garante per la protezione dei dati personali

Fine Amount

€50,000

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Università Telematica e-Campus - Italy (2026). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: