Legal Entity – €16,650 Fine (Slovenia, 2025)

€16,650Informacijski pooblaščenec21 November 2025Slovenia
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Slovenian DPA has imposed a fine of EUR 16,650 on a legal entity. The controller stored personal data on a publicly accessible web server without taking sufficient technical and organisational measures. The server could be accessed via a unique URL without additional safeguards, such as a password login. The entity was fined EUR 16,250, and the person responsible was fined EUR 400.

GDPR Articles Cited

Art. 32 GDPR
Slovenia enforcementInformacijski pooblaščenec actionsAll Legal Entity actions
Full Legal Summary

The Slovenian DPA has imposed a fine of EUR 16,650 on a legal entity. The controller stored personal data on a publicly accessible web server without taking sufficient technical and organisational measures. The server could be accessed via a unique URL without additional safeguards, such as a password login. The entity was fined EUR 16,250, and the person responsible was fined EUR 400.

Related Enforcement Actions (6)

Other enforcement actions involving Legal Entity in SI

Fine
Jul 2025· Informacijski pooblaščenec

The Slovenian DPA has imposed a fine of EUR 2,200 on a legal entity. An employee of the company forwarded health data to a lawyer without sufficient g...

€2K
Fine
Jul 2025· Informacijski pooblaščenec

The Slovenian DPA has imposed a fine of EUR 5,020 on a legal entity. The controller had developed an application that allowed the exchange of personal...

€5K
Fine
Jul 2025· Informacijski pooblaščenec

The Slovenian DPA has imposed a fine of EUR 11,614 on a legal entity. The controller did not delete the email address of a former employee, but rather...

€12K
Current
Nov 2025

Fine

€17K

Fine
Nov 2025· Informacijski pooblaščenec

The Slovenian DPA has imposed a fine of EUR 6,600 on a legal entity. The controller used GPS trackers to systematically and indiscriminately monitor i...

€7K
Fine
Dec 2025· Informacijski pooblaščenec

The Slovenian DPA has imposed a fine of EUR 1,300 on a legal entity. An employee of the controller stored personal data on her work laptop without sec...

€1K
Fine
Dec 2025· Informacijski pooblaščenec

The Slovenian DPA has imposed a fine of EUR 75,474 on a legal entity. Without a sufficient legal basis, the controller installed software on an employ...

€75K

Details

Fine Date

21 November 2025

Authority

Informacijski pooblaščenec

Fine Amount

€16,650

Enforcement Tracker ID

ETid-3008

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Legal Entity - Slovenia (2025). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: