Arnhem and Nijmegen University of Applied Sciences – €175,000 Fine (Netherlands, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Arnhem and Nijmegen University of Applied Sciences was fined EUR 175,000 for not protecting personal data properly, which led to a data breach. This incident underscores the need for educational institutions to implement strong security measures to safeguard sensitive information.
What happened
The university faced a data breach due to inadequate technical and organizational security measures.
Who was affected
Students and staff whose personal data was compromised in the breach.
What the authority found
The Dutch authority determined that the university failed to meet GDPR standards for data protection.
Why this matters
This fine emphasizes the critical need for organizations, especially educational institutions, to prioritize data security. Companies should regularly assess their security practices to prevent breaches.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Dutch DPA has imposed a fine of EUR 175,000 on Arnhem and Nijmegen University of Applied Sciences. The controller suffered a data breach due to insufficient technical and organisational measures.
Related Enforcement Actions (0)
No other enforcement actions found for Arnhem and Nijmegen University of Applied Sciences in NL
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
15 December 2025
Authority
Autoriteit Persoonsgegevens
Fine Amount
€175,000
Enforcement Tracker ID
ETid-2980
About this data
Cite as: Cookie Fines. Arnhem and Nijmegen University of Applied Sciences - Netherlands (2025). Retrieved from cookiefines.eu
Last updated: