Based s.r.l. – €12,000 Fine (Italy, 2026)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Based s.r.l. was fined €12,000 for failing to respond properly to a former employee's request for their personal data. This case is significant because it shows that companies must respect individuals' rights to access and delete their data.
What happened
A former employee requested access to their personal data and deletion of that data, but Based s.r.l. did not respond adequately.
Who was affected
The former employee whose personal data was not properly handled.
What the authority found
The Italian DPA found that Based s.r.l. failed to comply with legal requirements for responding to data access and deletion requests.
Why this matters
This case underscores the importance of having clear processes in place to handle data requests from employees and customers.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Italian DPA has imposed a fine of EUR 12,000 on Based s.r.l. A former employee requested access to his personal data relating to his email account, as well as the deletion of this data. The controller failed to respond adequately to the request and also failed to provide the data subject with its privacy policy.
Related Enforcement Actions (0)
No other enforcement actions found for Based s.r.l. in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
12 February 2026
Authority
Garante per la protezione dei dati personali
Fine Amount
€12,000
Enforcement Tracker ID
ETid-1219
About this data
Cite as: Cookie Fines. Based s.r.l. - Italy (2026). Retrieved from cookiefines.eu
Last updated: