Based s.r.l. – €12,000 Fine (Italy, 2026)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Based s.r.l. was fined €12,000 for not responding properly to a former employee's request for access to their personal data. This case matters because it highlights the rights of individuals to access their information. Businesses should be prepared to handle such requests promptly and correctly.
What happened
The company failed to adequately respond to a request for access and deletion of personal data from a former employee.
Who was affected
A former employee who wanted to access and delete their personal data related to their email account.
What the authority found
The Italian DPA found that Based s.r.l. did not comply with the requirements for responding to data access requests under GDPR.
Why this matters
This case underscores the importance of having robust processes in place for handling data access requests. Companies should ensure they are ready to respond to such inquiries to avoid penalties.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
The Italian DPA has imposed a fine of EUR 12,000 on Based s.r.l. A former employee requested access to his personal data relating to his email account, as well as the deletion of this data. The controller failed to respond adequately to the request and also failed to provide the data subject with its privacy policy.
Related Enforcement Actions (0)
No other enforcement actions found for Based s.r.l. in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
12 February 2026
Authority
Garante per la protezione dei dati personali
Fine Amount
€12,000
Enforcement Tracker ID
ETid-3083
About this data
Cite as: Cookie Fines. Based s.r.l. - Italy (2026). Retrieved from cookiefines.eu
Last updated: