Association – €15,000 Fine (France, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A French association was fined €15,000 for not keeping personal data secure and not following rules about how much data they collect. This matters because it shows that organizations must protect user data and only collect what they really need.
What happened
The French DPA fined an association €15,000 for failing to ensure data security and not following data minimization principles.
Who was affected
The association's members and anyone whose data was handled by the organization were affected.
What the authority found
The authority found that the association did not comply with GDPR's requirements for data security and minimization.
Why this matters
This case highlights the importance of data protection for all organizations, emphasizing that even small associations must take data security seriously. It serves as a reminder for businesses to review their data handling practices.
The French DPA has fined an association EUR 15,000 due to a lack of data security, non-compliance with the principle of data minimisation and a failure to comply with its information obligations under the GDPR.
Related Enforcement Actions (2)
Other enforcement actions involving Association in FR
Fine
€15K
Details
Fine Date
25 May 2024
Authority
Commission Nationale de l'Informatique et des Libertés
Fine Amount
€15,000
Enforcement Tracker ID
ETid-2425
About this data
Cite as: Cookie Fines. Association - France (2024). Retrieved from cookiefines.eu
Last updated: