Company – €870 Fine (Austria, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
An Austrian company was fined for not reporting a data breach to the authorities, even though it took steps to fix the issue. This shows that businesses must not only act quickly to secure data but also inform regulators about breaches. It’s a reminder for all companies to follow proper reporting procedures.
What happened
The company failed to notify the Data Protection Authority after a data breach occurred.
Who was affected
The company itself, which did not inform the authorities about the data breach it experienced.
What the authority found
The Austrian Data Protection Authority imposed a fine because the company did not report the data breach as required by GDPR.
Why this matters
This case highlights the importance of compliance with data breach reporting requirements, reminding all businesses to have clear protocols in place for notifying authorities when breaches occur.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Austrian DPA has imposed a fine of EUR 870 on a company. After being informed of a data breach, the controller took adequate measures to close it but failed to inform the DPA.
Related Enforcement Actions (2)
Other enforcement actions involving Company in AT
Fine
€870
Details
Fine Date
4 September 2025
Authority
Datenschutzbehörde
Fine Amount
€870
Enforcement Tracker ID
ETid-2938
About this data
Cite as: Cookie Fines. Company - Austria (2025). Retrieved from cookiefines.eu
Last updated: