'D. A.A.A' – Fine (Spain, 2021)

Fine
Agencia Española de Protección de Datos25 August 2021Spain
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

'D. A.A.A' was fined for ignoring a person's request to delete their data and stop sending marketing emails. This case is important because it shows that companies must respect people's rights to control their data. The ruling emphasizes the need for businesses to act on data deletion requests promptly.

What happened

The company failed to honor a person's request to delete their personal data and continued sending marketing emails.

Who was affected

A person who requested the deletion of their personal data and to stop receiving marketing emails.

What the authority found

The AEPD found that the company violated the right to erasure under GDPR by not deleting the person's data as requested.

Why this matters

This ruling highlights the importance of respecting individuals' rights to control their personal data. Businesses should ensure they have processes in place to promptly respond to data deletion requests to avoid penalties.

GDPR Articles Cited

Art. 17(1) GDPR

National Law Articles

Article 21 LSSI

Entities Involved

'D. A.A.A'
AD735 Data Media Advertising S.L.
Spain enforcementAgencia Española de Protección de Datos actionsAll 'D. A.A.A' actions
Full Legal Summary
Detailed

A data subject received a number of advertising emails that stated his personal data was part of an 'automated file' on a database managed by AD735 Data Media Advertising. He sent an email to the company requesting the deletion of his personal data from all such databases and cancel any further commercial communications. Following this first email, the data subject kept receiving automated advertising emails and sent four reminders of his request, three of which were ignored. Thus, he complained to the AEPD. The AEPD found two infringements. First, it held the company infringed Article 17(1) GDPR for failing to comply with the right to erasure exercised by the claimant and imposed a €10,000 fine. Second, it held the company infringed Article 21 the LSSI (Law of Information Society Services and Electronic Commerce) for sending commercial communications recipients did not consent to and imposed a €5,000 fine.

Related Enforcement Actions (0)

No other enforcement actions found for 'D. A.A.A' in ES

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

25 August 2021

Authority

Agencia Española de Protección de Datos

GDPRhub ID

gdprhub-4000

Sources

About this data

Data: GDPRhub (noyb.eu)
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. 'D. A.A.A' - Spain (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: