Sociedad de Gestión de Activos Procedentes de la Reestructuración Bancaria S.A. – €180,000 Fine (Spain, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Spanish DPA has imposed a fine of EUR 180,000 on Sociedad de Gestión de Activos Procedentes de la Reestructuración Bancaria S.A. The controller suffered a cyber attack due to insufficient technical and organisational measures. The controller also used a third party data processor with which the controller had no sufficient data processing agreement. The original fine of EUR 300,000 was reduced to EUR 180,000 due to immediate payment and admission of responsibility by the controller.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Spanish DPA has imposed a fine of EUR 180,000 on Sociedad de Gestión de Activos Procedentes de la Reestructuración Bancaria S.A. The controller suffered a cyber attack due to insufficient technical and organisational measures. The controller also used a third party data processor with which the controller had no sufficient data processing agreement. The original fine of EUR 300,000 was reduced to EUR 180,000 due to immediate payment and admission of responsibility by the controller.
Related Enforcement Actions (0)
No other enforcement actions found for Sociedad de Gestión de Activos Procedentes de la Reestructuración Bancaria S.A. in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
4 September 2025
Authority
Agencia Española de Protección de Datos
Fine Amount
€180,000
Enforcement Tracker ID
ETid-2875
About this data
Cite as: Cookie Fines. Sociedad de Gestión de Activos Procedentes de la Reestructuración Bancaria S.A. - Spain (2025). Retrieved from cookiefines.eu
Last updated: