Municipality of Kyustendil – €2,556 Fine (Bulgaria, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Municipality of Kyustendil was fined EUR 2,556 for improperly storing identity documents of individuals applying for parking passes. This case matters because it shows that even public entities must follow data protection rules when handling personal information.
What happened
The Municipality stored identity documents of seven individuals without a valid legal basis.
Who was affected
Individuals who applied for car park access passes were affected by the improper storage of their identity documents.
What the authority found
The authority found that the Municipality lacked a sufficient legal basis for storing the identity documents, violating data protection rules.
Why this matters
This ruling serves as a reminder that all organizations, including municipalities, must comply with data protection laws and have valid reasons for collecting and storing personal data.
The Bulgarian DPA has imposed a fine of EUR 2,556 on the Municipality of Kyustendil. The controller stored copies of the identity documents of seven data subjects who had applied for car park access passes. This storage could not have been based on sufficient legal basis.
Related Enforcement Actions (0)
No other enforcement actions found for Municipality of Kyustendil in BG
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
1 November 2025
Authority
Commission for Personal Data Protection
Fine Amount
€2,556
Enforcement Tracker ID
ETid-1274
About this data
Cite as: Cookie Fines. Municipality of Kyustendil - Bulgaria (2025). Retrieved from cookiefines.eu
Last updated: