Comune di Bologna – €40,000 Fine (Italy, 2025)
€40,000Garante per la protezione dei dati personali29 April 2025Italy
final
ePrivacy
Fine
The case involved a data breach due to human error, with no relation to cookies or consent mechanisms.
GDPR Articles Cited
Art. 5(1)(a) GDPR
Art. 5(1)(a) GDPRCore data protection principles: lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and accountability.Art. 5(1)(c) GDPR
Art. 5(1)(c) GDPRCore data protection principles: lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and accountability.Art. 6(1)(c) GDPR
Art. 6(1)(c) GDPRLegal bases for processing personal data (consent, contract, legal obligation, vital interests, public task, or legitimate interests).Art. 6(1)(e) GDPR
Art. 6(1)(e) GDPRLegal bases for processing personal data (consent, contract, legal obligation, vital interests, public task, or legitimate interests).Art. 6(2) GDPR
Art. 6(2) GDPRLegal bases for processing personal data (consent, contract, legal obligation, vital interests, public task, or legitimate interests).Art. 6(3) GDPR
Art. 6(3) GDPRLegal bases for processing personal data (consent, contract, legal obligation, vital interests, public task, or legitimate interests).Art. 9(1) GDPR
Art. 9(1) GDPRProcessing of sensitive data (health, biometrics, race, religion, politics, sexual orientation, union membership). Generally prohibited unless an exception applies.Art. 9(2)(g) GDPR
Art. 9(2)(g) GDPRProcessing of sensitive data (health, biometrics, race, religion, politics, sexual orientation, union membership). Generally prohibited unless an exception applies.Art. 9(4) GDPR
Art. 9(4) GDPRProcessing of sensitive data (health, biometrics, race, religion, politics, sexual orientation, union membership). Generally prohibited unless an exception applies.National Law Articles
2-sexies c.1 d. lgs. 196/2003
2-sexies c.2 l. bb) d. lgs. 196/2003
2-ter c. 3 d. lgs. 196/2003
2-ter c.1 d. lgs. 196/2003
Full Legal Summary
The case involved a data breach due to human error, with no relation to cookies or consent mechanisms.
Violations (1)
Cookies Placed Before Consent
critical
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Related Enforcement Actions (0)
No other enforcement actions found for Comune di Bologna in IT
This is the only recorded action for this entity in this jurisdiction.
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
29 April 2025
Authority
Garante per la protezione dei dati personali
Fine Amount
€40,000
GDPRhub ID
gdprhub-9449About this data
Cite as: Cookie Fines. Comune di Bologna - Italy (2025). Retrieved from cookiefines.eu
Report Inaccuracy
Last updated: