INFORMÁTICA MÉDICA, S.L. – €60,000 Fine (Spain, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
INFORMÁTICA MÉDICA, S.L. was fined EUR 60,000 by the Spanish data protection authority for not properly regulating its relationship with a subcontractor. The company failed to have the necessary contracts in place as required by GDPR. This case emphasizes the need for clear agreements when sharing data with third parties.
What happened
INFORMÁTICA MÉDICA, S.L. engaged a subcontractor without the required contractual agreements under GDPR.
Who was affected
Clients of INFORMÁTICA MÉDICA, S.L. whose data was processed by an unregulated subcontractor.
What the authority found
The Spanish DPA ruled that INFORMÁTICA MÉDICA violated GDPR by not having proper contracts with its subcontractor.
Why this matters
The ruling highlights the importance of having clear, GDPR-compliant contracts with any third-party service providers. Companies should ensure all data processing agreements are properly documented to avoid similar fines.
GDPR Articles Cited
The Spanish DPA has imposed a fine of EUR 60,000 on INFORMÁTICA MÉDICA, S.L.. The company acted as a processor for other companies and had engaged a subcontractor without, however, contractually regulating the relationship as required by Art. 28 GDPR.
Related Enforcement Actions (0)
No other enforcement actions found for INFORMÁTICA MÉDICA, S.L. in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
7 November 2022
Authority
Agencia Española de Protección de Datos
Fine Amount
€60,000
Enforcement Tracker ID
ETid-2288
About this data
Cite as: Cookie Fines. INFORMÁTICA MÉDICA, S.L. - Spain (2022). Retrieved from cookiefines.eu
Last updated: