Δήμος Αθηναίων - Municipality of Athens – €5,000 Fine (Greece, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Hellenic Data Protection Authority fined the Municipality of Athens for not responding to a questionnaire about their Data Protection Officer on time. This is significant because it emphasizes that local governments must also follow data protection laws. Other public bodies should take note and ensure they meet their reporting deadlines.
What happened
The Municipality of Athens did not submit a required questionnaire regarding their Data Protection Officer by the deadlines set by the authority.
Who was affected
The Municipality of Athens, a local government in Greece.
What the authority found
The authority determined that the Municipality violated GDPR by failing to cooperate and designate a Data Protection Officer in a timely manner.
Why this matters
This ruling serves as a reminder that all organizations, including local governments, must adhere to data protection regulations. Timely compliance is crucial to avoid fines.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
In 2023, as part of a wider initiative led by the European Data Protection Board (EDPB), the Hellenic Data Protection Authority (HDPA) like the majority of the members of the EDPB, jointly undertook the examination of the topic "The definition and position of the data protection officer". To facilitate this examination, the EDPB developed a unified questionnaire, which the Hellenic DPA adopted. Later on May 3, 2023, the Hellenic DPA exercising its investigative powers sent the questionnaire to 31 public bodies in Greece, including the Municipality of Athens (hereinafter "Controller"), with a deadline for submission via the EUsurvey link until May 19, 2023. The DPO of the Controller (hereinafter “DPO") failed to respond to the questionnaire within the set deadline. The Hellenic DPA re-sent the questionnaire on May 26, 2023, with a new deadline of May 31, 2023. Once again, the DPO failed to respond in time. The DPO, after the deadline expired, attempted to complete the form without success as the above link had been deactivated by the Hellenic DPA. Upon DPO’s communication with Hellenic DPA, the link was reactivated, and the data controller was informed of a new deadline for submission until June 21, 2023. Once again, the DPO failed to submit the questionnaire in time. The controller was then summoned by the Hellenic DPA to appear before the plenary on Tuesday, December 19, 2023. The DPO contacted the DPA by telephone and informed that he had inadvertently failed to respond due to technical issues and undertook to complete and submit it immediately. After which, the Hellenic DPA reactivated the submission link to the questionnaire, and the controller finally submitted the questionnaire on December 18, 2023. At the plenary meeting, which was held in person, the DPO stated once again that the reason for the delayed response was technical issues with the website where the questionnaire was held, which prevented submission even after several attempts. The Hellenic DPA n
Related Enforcement Actions (0)
No other enforcement actions found for Δήμος Αθηναίων - Municipality of Athens in GR
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
29 January 2024
Authority
Hellenic Data Protection Authority
Fine Amount
€5,000
About this data
Cite as: Cookie Fines. Δήμος Αθηναίων - Municipality of Athens - Greece (2024). Retrieved from cookiefines.eu
Last updated: