Legal Entity – €11,614 Fine (Slovenia, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Slovenian company was fined EUR 11,614 for not deleting the email address of a former employee. They continued to process emails sent to that address without a valid reason. This case highlights the importance of properly managing employee data after they leave.
What happened
The company failed to delete a former employee's email address and continued processing emails sent to it.
Who was affected
The former employee whose email address was not deleted and continued to receive emails.
What the authority found
The authority ruled that the company lacked a valid legal basis for processing the former employee's email, violating GDPR rules.
Why this matters
This ruling emphasizes the need for companies to manage employee data responsibly, especially when employees leave. It serves as a reminder that failing to delete outdated information can lead to financial penalties.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Slovenian DPA has imposed a fine of EUR 11,614 on a legal entity. The controller did not delete the email address of a former employee, but rather continued to receive and process all emails sent to that address without a sufficient legal basis. The entity was fined EUR 10,614, and the person responsible was fined EUR 1,000.
Related Enforcement Actions (7)
Other enforcement actions involving Legal Entity in SI
Fine
€12K
Details
Fine Date
29 July 2025
Authority
Informacijski pooblaščenec
Fine Amount
€11,614
Enforcement Tracker ID
ETid-3006
About this data
Cite as: Cookie Fines. Legal Entity - Slovenia (2025). Retrieved from cookiefines.eu
Last updated: