Comune di Velletri – €2,000 Fine (Italy, 2026)

€2,000Garante per la protezione dei dati personali12 February 2026Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Italian DPA fined the Commune di Velletri €2,000 for misusing personal data in a cemetery app. The app required users to provide personal information to access data about deceased individuals, which was beyond what was necessary. This ruling serves as a reminder for organizations to limit data collection to what is truly needed.

What happened

The Commune di Velletri's cemetery app required users to enter personal details to access information about deceased persons.

Who was affected

Users of the cemetery app who had to provide personal information to view data about deceased individuals.

What the authority found

The Italian DPA determined that the Commune improperly used public data and failed to inform users adequately about data processing.

Why this matters

This ruling highlights the importance of data minimization and transparency. Organizations should ensure they collect only necessary information and inform users about how their data will be used.

GDPR Articles Cited

AI-verified

Art. 13(GDPR)
Art. 5(1)(a) GDPR
Art. 6(1) GDPR
Art. 28(1) GDPR
View original scraped data
Art. 5(1) a) GDPR
Art. 6(GDPR)(Art)(12) GDPR
Art. 13(GDPR)
Art. 28(1) GDPR

Original data from scraper before AI verification against source document.

Source verified 14 April 2026
articles corrected
Italy enforcementGarante per la protezione dei dati personali actionsAll Comune di Velletri actions
Full Legal Summary
Detailed

The Italian DPA has imposed a fine of EUR 2,000 on the Commune di Velletri. The controller provided a cemetery app containing data on deceased persons for use within the app. The app combined public and institutional cemetery information, such as names and places of burial, with social and commercial features. In order to view the data of deceased persons, data subjects had to install the app, create a profile, and enter their personal details. Therefore, data processed for institutional public purposes was used for more than the municipality could have used it for. Additionally, the controller failed to adequately control the app provider, who acted as a processor, and to adequately inform data subjects.

Related Enforcement Actions (0)

No other enforcement actions found for Comune di Velletri in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

12 February 2026

Authority

Garante per la protezione dei dati personali

Fine Amount

€2,000

Enforcement Tracker ID

ETid-3078

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Comune di Velletri - Italy (2026). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: