IDCQ HOSPITALES Y SANIDAD, S.L.U. – €1,200,000 Fine (Spain, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Spanish DPA has imposed a fine of EUR 1,200,000 on IDCQ HOSPITALES Y SANIDAD, S.L.U. The controller offered MRI scans as part of its services, and patients could bring copies or originals of previous scans. However, the controller had established very strict return policies, resulting in data being deleted after a very short amount of time, and data subjects being unable to easily retrieve their data if they had brought it on physical data carriers. Furthermore, the controller only stored data that was necessary for comparison purposes, deleting the rest immediately upon receipt.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Spanish DPA has imposed a fine of EUR 1,200,000 on IDCQ HOSPITALES Y SANIDAD, S.L.U. The controller offered MRI scans as part of its services, and patients could bring copies or originals of previous scans. However, the controller had established very strict return policies, resulting in data being deleted after a very short amount of time, and data subjects being unable to easily retrieve their data if they had brought it on physical data carriers. Furthermore, the controller only stored data that was necessary for comparison purposes, deleting the rest immediately upon receipt.
Related Enforcement Actions (0)
No other enforcement actions found for IDCQ HOSPITALES Y SANIDAD, S.L.U. in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
21 November 2025
Authority
Agencia Española de Protección de Datos
Fine Amount
€1,200,000
Enforcement Tracker ID
ETid-3013
About this data
Cite as: Cookie Fines. IDCQ HOSPITALES Y SANIDAD, S.L.U. - Spain (2025). Retrieved from cookiefines.eu
Last updated: