CASA 7 PERSONAL SHOPPER, S.L. – €3,500 Fine (Spain, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
CASA 7 PERSONAL SHOPPER, S.L. was fined by the Spanish data authority for exposing personal email addresses by using an open distribution list. This mistake allowed recipients to see each other's email addresses, breaching privacy rules. The case highlights the importance of using proper email practices to protect personal data.
What happened
CASA 7 PERSONAL SHOPPER sent an email with personal data using an open distribution list, exposing recipients' email addresses.
Who was affected
Email recipients whose addresses were visible to others in the open distribution list.
What the authority found
The authority decided that CASA 7 PERSONAL SHOPPER failed to protect personal data adequately, violating GDPR's security requirements.
Why this matters
This case serves as a warning to businesses about the importance of safeguarding personal data in electronic communications. Companies should ensure they use proper email practices, like BCC, to prevent accidental data exposure.
GDPR Articles Cited
The Spanish DPA has imposed a fine of EUR 3,500 on CASA 7 PERSONAL SHOPPER, S.L. The controller sent an e-mail with personal data to several recipients in an open distribution list. This made it possible for the recipients to view the e-mail addresses of all other recipients.
Related Enforcement Actions (0)
No other enforcement actions found for CASA 7 PERSONAL SHOPPER, S.L. in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
2 December 2022
Authority
Agencia Española de Protección de Datos
Fine Amount
€3,500
Enforcement Tracker ID
ETid-1515
About this data
Cite as: Cookie Fines. CASA 7 PERSONAL SHOPPER, S.L. - Spain (2022). Retrieved from cookiefines.eu
Last updated: