This category examines notable fines imposed on organisations for data protection violations. Our expert analysis helps you understand the reasons behind these penalties and provides valuable insights to help your organisation avoid a similar fate.
French broadcasting company Groupe Canal+ was recently fined €600,000 by the French data protection authority (CNIL) for multiple violations of the EU’s General Data Protection Regulation (GDPR).
This case tells us that it is important to continually review the potential impact of human error or technical error on your direct marketing campaigns.
UK GDPR and EU GDPR have introduced some stiff penalties for poor data protection practices.
The ICO’s recent enforcement action against Virgin Media shows us that some marketers are still failing to understand the ICO’s guidance on PECR.
The High Court of England and Wales held that controllers and processors outside of the EU that nominate a representative under Article 27 GDPR cannot outsource liability for breaches of the GDPR.
The Information Commissioner’s Office (ICO), in the United Kingdom, has fined Yes Consumer Solutions Limited (YCSL) £170,000 for making 188,493 unsolicited direct marketing calls to customers registered with the Telephone Preference Service (TPS).
The ICO’s investigation found that Muscle Food’s had contravened Regulation 22 of PECR.
During their investigation the ICO found that Digital Growth Experts Ltd had breached regulations 22 and 23 of PECR.
On the 10th July 2020, the AEPD – Spain’s data protection authority initiated a sanctioning procedure to fine the Barcelona Airport Security Guard Association (AVSAB) under the GDPR. The case found that a member of the AVSAB security group had used WhatsApp to send messages to private phone numbers containing personal information about employees. The …
If you have old contacts sitting around in your CRM or email marketing software, now is the time to delete them. Because recent cases tell us, regulators are paying increasing attention to GDPR’s requirement to only keep data for as long as you need it. On the 27th of August 2020, Danish data protection authority …
