Company – Fine (France, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A French call center recorded all its calls, which the data protection authority found was too much information. They decided that only random or selective recordings for training were needed. This ruling emphasizes the importance of collecting only necessary data.
What happened
The French DPA found that the call center recorded all incoming and outgoing calls without needing to.
Who was affected
People whose calls were recorded by the call center.
What the authority found
The authority ruled that the call center violated the principle of data minimization by recording all calls.
Why this matters
This case highlights that businesses should only collect data that is necessary for their operations. Companies should review their data collection practices to avoid over-collection.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The French DPA has imposed a fine on a company operating a call center. The controller had systematically recorded all incoming and outgoing calls for training, evaluation and dispute purposes. The CNIL found that such comprehensive recording violated the principle of data minimization and that random and selective recording for training purposes was sufficient.
Related Enforcement Actions (2)
Other enforcement actions involving Company in FR
Fine
Details
Fine Date
5 June 2024
Authority
Commission Nationale de l'Informatique et des Libertés
About this data
Cite as: Cookie Fines. Company - France (2024). Retrieved from cookiefines.eu
Last updated: