Municipality – €5,000 Fine (Italy, 2026)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A municipality was fined €5,000 for sharing a council resolution that included personal details about a person's health and pregnancy without proper protection. This ruling emphasizes the need for careful handling of sensitive information to protect privacy.
What happened
The municipality published a council resolution containing personal data that was not adequately pseudonymised, including sensitive health information.
Who was affected
A person whose personal data, including pregnancy and health status, was included in the published council resolution.
What the authority found
The Italian DPA found that the municipality did not adequately protect sensitive personal data, violating GDPR's requirements for data minimization and protection.
Why this matters
This case serves as a reminder for organizations to properly anonymize sensitive information before sharing it publicly. It underscores the importance of data protection practices.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
The Italian DPA has imposed a fine of EUR 5,000 on a municipality. The controller published a council resolution containing the personal data of a data subject that had not been adequately pseudonymised, as well as information regarding her pregnancy, maternity status, health and taking parental leave.
Related Enforcement Actions (2)
Other enforcement actions involving Municipality in IT
Fine
€5K
Details
Fine Date
26 March 2026
Authority
Garante per la protezione dei dati personali
Fine Amount
€5,000
Enforcement Tracker ID
ETid-3165
About this data
Cite as: Cookie Fines. Municipality - Italy (2026). Retrieved from cookiefines.eu
Last updated: