Asper Biogene OÜ – Fine (Estonia, 2025)

Fine
Andmekaitse Inspektsioon10 January 2025Estonia
overturned
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Asper Biogene OÜ faced a major setback when a court overturned a fine related to a data leak that exposed sensitive information. The company had been fined for not having enough security measures to protect personal data. This case serves as a reminder for businesses to implement strong security practices to safeguard user information.

What happened

A data leak at Asper Biogene OÜ exposed around 100,000 files of personal, health, and genetic data due to inadequate security.

Who was affected

Individuals whose personal, health, and genetic data was leaked.

What the authority found

The court overturned the fine imposed by the DPA, which had penalized the company for inadequate security measures.

Why this matters

This case highlights the ongoing legal challenges companies face regarding data protection. Businesses must ensure they have robust security measures in place to protect sensitive information and avoid potential legal issues.

Source verified 20 March 2026
articles corrected
amount discrepancy
Estonia enforcementAndmekaitse Inspektsioon actionsAll Asper Biogene OÜ actions
Full Legal Summary
Detailed

The Estonian DPA imposed a fine of EUR 85,000 on Asper Biogene OÜ. Asper Biogene OÜ suffered a data leak due to a lack of adequate security measures. The leak affected approximately 100,000 files containing personal, health and genetic data. Asper Biogene OÜ also appointed a member of the board of directors as DPO, resulting in a conflict of interest. A fine of EUR 80,000 was imposed for the inadequate security measures. The unlawful appointment of the DPO was fined EUR 5,000. ---UPDATE--- The Tartu County Court overturned the DPA's decision. The DPA has appealed against the court's decision.

Related Enforcement Actions (0)

No other enforcement actions found for Asper Biogene OÜ in EE

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

10 January 2025

Authority

Andmekaitse Inspektsioon

Enforcement Tracker ID

ETid-2594

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Asper Biogene OÜ - Estonia (2025). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: