Encore Thermoengineering s.r.l. – €20,000 Fine (Italy, 2025)

€20,000Garante per la protezione dei dati personali13 March 2025Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Encore Thermoengineering was fined €20,000 for improperly storing employee data it obtained from a bankrupt company. This matters because it shows the importance of data minimization and responding to erasure requests. Companies must handle personal data responsibly to avoid penalties.

What happened

Encore Thermoengineering failed to comply with data minimization and did not respond properly to erasure requests.

Who was affected

Former employees whose data was stored without a time limit by Encore Thermoengineering.

What the authority found

The authority found that the company violated GDPR principles by retaining data longer than necessary and not addressing erasure requests.

Why this matters

This case serves as a reminder for businesses to regularly review their data retention policies and ensure they respond to requests for data deletion to avoid fines.

GDPR Articles Cited

AI-verified

Art. 6(GDPR)
Art. 17(GDPR)
Art. 5(1)(a) GDPR
View original scraped data
Art. 5(1) a) GDPR
c)
e) GDPR
Art. 6(GDPR)
Art. 17(GDPR)

Original data from scraper before AI verification against source document.

Source verified 13 March 2026
articles corrected
national law identified
Italy enforcementGarante per la protezione dei dati personali actionsAll Encore Thermoengineering s.r.l. actions
Full Legal Summary
Detailed

The Italian DPA imposed a fine of EUR 20,000 on Encore Thermoengineering s.r.l. The controller legally obtained employee data from another company that had gone bankrupt. The controller never hired those subjects. However, the controller failed to comply with the principle of data minimization by storing the data without a time limit, and failed to adequately respond to a request for erasure by the data subjects.

Related Enforcement Actions (0)

No other enforcement actions found for Encore Thermoengineering s.r.l. in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

13 March 2025

Authority

Garante per la protezione dei dati personali

Fine Amount

€20,000

Enforcement Tracker ID

ETid-2664

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Encore Thermoengineering s.r.l. - Italy (2025). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: