CORON ISLAND SLU – €1,600 Fine (Spain, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Spanish restaurant, CORON ISLAND SLU, was fined EUR 1,600 for asking a customer to provide her phone number to issue an invoice. This was seen as unnecessary data collection, violating privacy rules. Businesses should only collect data they truly need.
What happened
CORON ISLAND SLU required a customer's phone number to issue an invoice, which led to a fine.
Who was affected
A restaurant customer who was asked to provide her phone number for an invoice.
What the authority found
The Spanish DPA found that the restaurant violated the principle of data minimization by asking for unnecessary personal information.
Why this matters
This case highlights the importance of data minimization, reminding businesses to only collect essential information from customers. It serves as a warning to review data collection practices to ensure compliance with privacy laws.
GDPR Articles Cited
The Spanish DPA has imposed a fine of EUR 1,600 on CORON ISLAND SLU. A customer had filed a complaint with the DPA against the restaurant. The customer had asked for a bill in her name after a meal. However, the manager explained that an invoice could only be issued if the customer provided her telephone number. The DPA considered this to be a violation of the principle of data minimization.
Related Enforcement Actions (0)
No other enforcement actions found for CORON ISLAND SLU in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
31 May 2022
Authority
Agencia Española de Protección de Datos
Fine Amount
€1,600
Enforcement Tracker ID
ETid-1194
About this data
Cite as: Cookie Fines. CORON ISLAND SLU - Spain (2022). Retrieved from cookiefines.eu
Last updated: