Comune di Velletri – €2,000 Fine (Italy, 2026)

€2,000Garante per la protezione dei dati personali12 February 2026Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Comune di Velletri was fined €2,000 for improperly using data in a cemetery app. This is important because it shows that even public information must be handled carefully, especially when combined with personal data. Organizations must ensure they control how data is used and inform users properly.

What happened

Comune di Velletri used data from a cemetery app in ways that exceeded its intended purpose.

Who was affected

Users of the cemetery app who had to provide personal details were affected.

What the authority found

The Italian Data Protection Authority found that the municipality did not adequately control the app provider and failed to inform users about data processing.

Why this matters

This ruling highlights the need for organizations to manage third-party services carefully and ensure users are informed about how their data is used. Clear communication and oversight are crucial.

GDPR Articles Cited

AI-verified

Art. 13(GDPR)
Art. 5(1)(a) GDPR
Art. 28(1) GDPR
Art. 6(GDPR)(Art)(12) GDPR
View original scraped data
Art. 5(1) a) GDPR
Art. 6(GDPR)(Art)(12) GDPR
Art. 13(GDPR)
Art. 28(1) GDPR

Original data from scraper before AI verification against source document.

Source verified 14 April 2026
articles corrected
Italy enforcementGarante per la protezione dei dati personali actionsAll Comune di Velletri actions
Full Legal Summary
Detailed

The Italian DPA has imposed a fine of EUR 2,000 on the Commune di Velletri. The controller provided a cemetery app containing data on deceased persons for use within the app. The app combined public and institutional cemetery information, such as names and places of burial, with social and commercial features. In order to view the data of deceased persons, data subjects had to install the app, create a profile, and enter their personal details. Therefore, data processed for institutional public purposes was used for more than the municipality could have used it for. Additionally, the controller failed to adequately control the app provider, who acted as a processor, and to adequately inform data subjects.

Related Enforcement Actions (0)

No other enforcement actions found for Comune di Velletri in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

12 February 2026

Authority

Garante per la protezione dei dati personali

Fine Amount

€2,000

Enforcement Tracker ID

ETid-1214

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Comune di Velletri - Italy (2026). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: