Private individual – €2,000 Fine (Spain, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A private individual in Spain was fined EUR 2,000 for running three websites without proper consent mechanisms. The websites also lacked clear privacy policies, which is important for user trust and compliance with data protection laws.
What happened
A private individual operated three websites without fields for user consent and without adequate privacy policies.
Who was affected
Visitors to the three websites who could not give consent or access clear privacy information.
What the authority found
The Spanish DPA fined the individual for not having a valid legal basis for processing personal data, as required by GDPR.
Why this matters
This case highlights the importance of having clear consent mechanisms and privacy policies on websites. Small business owners should ensure their sites comply with data protection laws to avoid fines.
GDPR Articles Cited
The Spanish DPA has fined a private individual operating three websites EUR 2,000. During its investigation, the DPA found that all three websites lacked a field for giving consent to the processing of personal data. In addition, the DPA found that the privacy policies on the websites were missing any reference to the identity of the data controller and to the right of data subjects to withdraw their consent to data processing.
Related Enforcement Actions (4)
Other enforcement actions involving Private individual in ES
Fine
€2K
Details
Fine Date
20 May 2022
Authority
Agencia Española de Protección de Datos
Fine Amount
€2,000
Enforcement Tracker ID
ETid-1184
About this data
Cite as: Cookie Fines. Private individual - Spain (2022). Retrieved from cookiefines.eu
Last updated: