Comune di Isola del Gran Sasso – €3,000 Fine (Italy, 2025)

€3,000Garante per la protezione dei dati personali25 September 2025Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Italian Data Protection Authority fined Comune di Isola del Gran Sasso EUR 3,000 for sharing personal information about an employee online. This included sensitive details related to criminal proceedings. It highlights the importance of protecting employee privacy and responding properly to their requests.

What happened

Comune di Isola del Gran Sasso published personal data of an employee, including details about criminal proceedings, on its website.

Who was affected

The employee whose personal data was published without consent was affected.

What the authority found

The authority found that the Comune did not properly handle personal data, violating GDPR rules on transparency and user rights.

Why this matters

This case emphasizes that organizations must safeguard employee information and respond adequately to privacy requests. It serves as a reminder for all businesses to review their data handling practices.

GDPR Articles Cited

AI-verified

Art. 6(GDPR)
Art. 10(GDPR)
Art. 17(GDPR)
Art. 5(1)(a) GDPR
Art. 12(3) GDPR
View original scraped data
Art. 5(1) a) GDPR
Art. 6(GDPR)
Art. 10(GDPR)
Art. 12(3) GDPR
(4) GDPR
Art. 17(GDPR)

Original data from scraper before AI verification against source document.

Source verified 15 March 2026
articles corrected
Italy enforcementGarante per la protezione dei dati personali actionsAll Comune di Isola del Gran Sasso actions
Full Legal Summary
Detailed

The Italian DPA has imposed a fine of EUR 3,000 on the Comuni di Isola del Gran Sasso. The controller published a resolution on its institutional website which included the personal data of an employee, including information relating to criminal proceedings against said employee. The controller also failed to adequately respond to a request by the data subject to exercise their rights.

Related Enforcement Actions (0)

No other enforcement actions found for Comune di Isola del Gran Sasso in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

25 September 2025

Authority

Garante per la protezione dei dati personali

Fine Amount

€3,000

Enforcement Tracker ID

ETid-2917

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Comune di Isola del Gran Sasso - Italy (2025). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: