Company – €20,000 Fine (Croatia, 2024)

€20,000Agencija za zaštitu osobnih podataka26 February 2024Croatia
final
Fine

A company in Croatia was fined EUR 20,000 for placing cookies on users' devices without getting their consent first. This is important because it emphasizes the need for clear cookie policies and obtaining user permission before tracking their online behavior.

What happened

The company loaded non-essential cookies before obtaining valid consent from users.

Who was affected

Website visitors whose devices were tracked by the company's cookies were affected.

What the authority found

The Croatian authority ruled that the company violated GDPR by not providing adequate cookie information and failing to get consent before placing cookies.

Why this matters

This ruling highlights the importance of clear consent practices for cookies. Companies should ensure they have proper consent mechanisms in place to avoid hefty fines.

GDPR Articles Cited

AI-verified

Art. 7(GDPR)
Art. 5(1)(a) GDPR
Art. 6(1)(a) GDPR
Art. 13(1) GDPR
Art. 13(2) GDPR
View original scraped data
Art. 6(1) GDPR
Art. 7(GDPR)
Art. 13(1) GDPR
(2) GDPR

Original data from scraper before AI verification against source document.

National Law Articles

AI-identified

Art. 44 Zakon o provedbi Opće uredbe o zaštiti podataka
Art. 45 Zakon o provedbi Opće uredbe o zaštiti podataka
Art. 46 Zakon o provedbi Opće uredbe o zaštiti podataka
Art. 42 Zakon o općem upravnom postupku
Art. 96 Zakon o općem upravnom postupku
Source verified 23 April 2026
articles corrected
national law identified
verified correct
Croatia enforcementAgencija za zaštitu osobnih podataka actionsAll Company actions
Full Legal Summary
Detailed

The company was fined for loading non-essential cookies before obtaining valid consent and for not providing adequate cookie and privacy information.

Violations (2)

Cookies Placed Before Consent
critical

Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.

Art. 6(1) GDPR

Unclear Cookie Information
high

The cookie banner or cookie policy provides vague, incomplete, or unclear information about what cookies are used and why.

Art. 12, 13 GDPR

Related Enforcement Actions (3)

Other enforcement actions involving Company in HR

Current
Feb 2024

Fine

€20K

Fine
Sept 2024· Agencija za zaštitu osobnih podataka

The Croatian DPA (AZOP) has imposed fines totaling EUR 35,700 on nine companies for failing to adequately indicate their video surveillance areas and ...

€36K
Fine
Mar 2025· Agencija za zaštitu osobnih podataka

The Croatian DPA (AZOP) has imposed a fine of EUR 80,000 on a company. The company was responsible for monitoring parking lots at several supermarkets...

€80K
Fine
Mar 2025· Agencija za zaštitu osobnih podataka

The Croatian DPA (AZOP) has imposed a fine of EUR 40,000 on a company that published personal data of sole traders on its website. The data originated...

€40K

Similar Cases

Enforcement actions with similar violations

Minister for Legal Protection

2022 · DPA RbOverijssel

Data Subject versus Telecommunications Company

2025 · DPA OLGKoblenz

CNIL

2019 · Court of Justice of the European Union

Details

Fine Date

26 February 2024

Authority

Agencija za zaštitu osobnih podataka

Fine Amount

€20,000

Enforcement Tracker ID

ETid-3103

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified
Cookie relevance: 100%

Cite as: Cookie Fines. Company - Croatia (2024). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: