LISMARTSA, S.L. – €1,800 Fine (Spain, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Spain's data protection authority fined LISMARTSA, S.L. for sending an email that exposed personal data of 74 people to all recipients. This violated the GDPR's data minimization principle. The fine was reduced due to the company's cooperation and quick payment.
What happened
LISMARTSA, S.L. sent an email exposing personal data of 74 individuals to all recipients, violating data minimization rules.
Who was affected
The 74 individuals whose personal data was shared with all recipients in an email by LISMARTSA, S.L.
What the authority found
The Spanish DPA fined LISMARTSA, S.L. for breaching GDPR's data minimization principle by unnecessarily sharing personal data.
Why this matters
This case highlights the importance of minimizing data exposure in communications. Companies should ensure they only share necessary information to comply with GDPR and avoid fines.
GDPR Articles Cited
The Spanish DPA has imposed a fine on LISMARTSA, S.L.. The controller had sent an email containing personal data of 74 people to all recipients. The DPA considered this to be a violation of the principle of data minimization. The original fine of EUR 3,000 was reduced to EUR 1,800 due to voluntary payment and admission of responsibility.
Related Enforcement Actions (1)
Other enforcement actions involving LISMARTSA, S.L. in ES
Details
Fine Date
30 March 2023
Authority
Agencia Española de Protección de Datos
Fine Amount
€1,800
Enforcement Tracker ID
ETid-1954
About this data
Cite as: Cookie Fines. LISMARTSA, S.L. - Spain (2023). Retrieved from cookiefines.eu
Last updated: