Legal Entity – €16,650 Fine (Slovenia, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A legal entity in Slovenia was fined for storing personal data on a public server without proper security measures. This lack of protection could have allowed anyone to access sensitive information easily. It serves as a warning for companies to secure their data to avoid costly penalties.
What happened
The legal entity stored personal data on a publicly accessible server without sufficient security measures.
Who was affected
Individuals whose personal data was stored on the unsecured server were affected.
What the authority found
The Slovenian DPA found that the entity failed to implement necessary technical and organizational measures to protect personal data.
Why this matters
This fine highlights the critical need for businesses to secure personal data properly. Companies must invest in adequate security measures to protect sensitive information and avoid fines.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Slovenian DPA has imposed a fine of EUR 16,650 on a legal entity. The controller stored personal data on a publicly accessible web server without taking sufficient technical and organisational measures. The server could be accessed via a unique URL without additional safeguards, such as a password login. The entity was fined EUR 16,250, and the person responsible was fined EUR 400.
Related Enforcement Actions (7)
Other enforcement actions involving Legal Entity in SI
Fine
€17K
Details
Fine Date
21 November 2025
Authority
Informacijski pooblaščenec
Fine Amount
€16,650
Enforcement Tracker ID
ETid-3008
About this data
Cite as: Cookie Fines. Legal Entity - Slovenia (2025). Retrieved from cookiefines.eu
Last updated: