Depac Società Cooperativa Sociale a r.l. – €15,000 Fine (Italy, 2026)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Depac Società Cooperativa Sociale a r.l. was fined €15,000 for using fingerprint devices to track employee attendance without a legal reason. This matters because it highlights the importance of having a valid reason for collecting personal data, especially in workplaces.
What happened
Depac tracked the arrival and departure times of employees using fingerprint devices without a legal basis.
Who was affected
Six employees working for a public contractor were affected by the tracking of their attendance.
What the authority found
The Italian DPA ruled that Depac had no valid legal basis for processing personal data, violating GDPR's requirements.
Why this matters
This case shows that companies must ensure they have a valid reason for collecting personal data. Small businesses should review their data collection practices to avoid similar issues.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Italian DPA has imposed a fine of EUR 15,000 on Depac Società Cooperativa Sociale a r.l. The controller used two fingerprint devices to track the arrival and departure times of six employees working for a public contractor. The controller had no legal basis for this processing.
Related Enforcement Actions (0)
No other enforcement actions found for Depac Società Cooperativa Sociale a r.l. in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
26 February 2026
Authority
Garante per la protezione dei dati personali
Fine Amount
€15,000
Enforcement Tracker ID
ETid-1253
About this data
Cite as: Cookie Fines. Depac Società Cooperativa Sociale a r.l. - Italy (2026). Retrieved from cookiefines.eu
Last updated: