Restaurant owner – €600 Fine (Spain, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A restaurant owner in Spain was fined EUR 600 for using CCTV cameras that also recorded public areas and for not informing people about the surveillance. The Spanish DPA found this violated data minimization and transparency rules. This case is important for small business owners to understand the limits of surveillance and the need for clear communication.
What happened
A restaurant owner installed CCTV cameras that recorded public spaces and failed to inform people about the surveillance.
Who was affected
Individuals in public areas recorded by the restaurant's CCTV cameras without proper notice.
What the authority found
The Spanish DPA fined the restaurant owner for violating data minimization and transparency requirements under GDPR.
Why this matters
This case underscores the importance of limiting surveillance to necessary areas and informing people about it. Small businesses should ensure their surveillance practices comply with privacy laws.
GDPR Articles Cited
The Spanish DPA (AEPD) has imposed a fine of EUR 600 on a restaurant owner. The controller had installed video surveillance cameras which, among other things, also covered the public space. The DPA considered this to be a violation of the principle of data minimization. In addition, the controller did not comply with its duty to properly inform about the CCTV.
Related Enforcement Actions (2)
Other enforcement actions involving Restaurant owner in ES
Fine
€600
Details
Fine Date
8 August 2022
Authority
Agencia Española de Protección de Datos
Fine Amount
€600
Enforcement Tracker ID
ETid-1329
About this data
Cite as: Cookie Fines. Restaurant owner - Spain (2022). Retrieved from cookiefines.eu
Last updated: