Legal Entity – €1,300 Fine (Slovenia, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A legal entity in Slovenia was fined EUR 1,300 for not securing personal data on an employee's work laptop. The employee took the laptop outside a secure area, allowing unauthorized access to the data. This case highlights the importance of protecting sensitive information to prevent data breaches.
What happened
An employee stored personal data on an unsecured work laptop and took it outside the secured workspace.
Who was affected
Employees whose personal data was stored on the unsecured laptop.
What the authority found
The Slovenian DPA found that the legal entity failed to secure personal data, violating GDPR's security requirements.
Why this matters
This ruling emphasizes the need for companies to implement strong data security measures. Businesses should ensure that employees are trained on data protection practices to avoid similar issues.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Slovenian DPA has imposed a fine of EUR 1,300 on a legal entity. An employee of the controller stored personal data on her work laptop without securing it, for example by encrypting it, and took the laptop outside of the secured workspace, thereby allowing third parties to gain access to the data. The entity was fined EUR 1,000, and the person responsible was fined EUR 300.
Related Enforcement Actions (7)
Other enforcement actions involving Legal Entity in SI
Fine
€1K
Details
Fine Date
4 December 2025
Authority
Informacijski pooblaščenec
Fine Amount
€1,300
Enforcement Tracker ID
ETid-3010
About this data
Cite as: Cookie Fines. Legal Entity - Slovenia (2025). Retrieved from cookiefines.eu
Last updated: