Unknown – €4,850 Fine (Slovenia, 2026)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
An unknown company was fined for processing real personal data in a test environment that was publicly accessible. This mistake highlights the importance of keeping sensitive information secure, even in testing scenarios. Companies need to ensure that personal data is protected at all times.
What happened
An unknown company processed real personal data in a publicly accessible test environment.
Who was affected
Individuals whose personal data was exposed due to the company's negligence.
What the authority found
The Slovenian DPA found that the company violated GDPR's security requirements by improperly handling personal data.
Why this matters
This case emphasizes that businesses must secure all environments where personal data is handled. Proper safeguards are essential to avoid data breaches.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
Entities Involved
The Slovenian DPA has imposed a fine of EUR 4,850 on a unkonwn company and a responsible person within the company. The controller operated a testenfiroment accesseble with a publicly availble username and password in which real personal data and not testdata had been processed. The fine had been split up into a fine in the amount of EUR 4,650 for the company and EUR 200 for the employee responsible.
Related Enforcement Actions (1)
Other enforcement actions involving Unknown in SI
Details
Fine Date
20 January 2026
Authority
Informacijski pooblaščenec
Fine Amount
€4,850
Enforcement Tracker ID
ETid-3108
About this data
Cite as: Cookie Fines. Unknown - Slovenia (2026). Retrieved from cookiefines.eu
Last updated: