Fines

€15,000 GDPR Damages: When Employee Video Surveillance Becomes Expensive

27. November 2025 by Debora Timoteo

Can permanent video surveillance at the workplace lead to a five-figure claim for damages? The Higher Labor Court (LAG) Hamm answered this question with a clear “Yes” and ordered an employer to pay 15,000 euros. The judgment of May 28, 2025 (Ref.: 18 SLa 959/24), is a wake-up call and sets a new, high benchmark … Read more

Categories Compliance, Fines, GDPR

McDonald’s Hit with a €4 Million GDPR Fine: How Secure Are Your Vendors?

18. November 202518. November 2025 by Debora Timoteo

The Polish Data Protection Authority (UODO) has fined McDonald’s Poland nearly €4 million (16.9 million PLN). The reason: a chain of security failures that led to a major data breach involving employee information. This case is a textbook example of how data protection responsibility can’t simply be outsourced to third-party vendors and why fundamental GDPR … Read more

Categories Compliance, data minimization, DSGVO, Fines, GDPR, IT Security

€150M Fine for SHEIN: Is Your Cookie Banner a Ticking Time Bomb?

7. November 2025 by Debora Timoteo

The French data protection authority (CNIL) has made an example of the online fashion giant SHEIN, imposing a staggering €150 million fine. The reason: a systematic and severe violation of the cookie rules under the ePrivacy Directive. The ruling, dated September 1, 2025 (Case No. SAN-2025-005), is one of the highest fines ever issued for … Read more

Categories Cookie Banner, Fines, GDPR, Website Compliance

Damages for a GDPR Violation During an HR Software Test

3. September 2025 by Debora Timoteo

The German Federal Labour Court (BAG) has grant an employee €200 in damages because, during a Workday software test, more personal data were disclosed than the works council agreement allowed (case no. 8 AZR 209/21). This ruling is a warning sign for all companies that handle employee data and underscores the importance of GDPR compliance. … Read more

Categories data minimization, DSGVO, Fines, GDPR

ECJ Rules: GDPR Fines May Be Based on Entire Corporate Group’s Turnover

18. April 2025 by Debora Timoteo

The European Court of Justice (ECJ) has ruled on whether fines for violations of the General Data Protection Regulation (GDPR) should be based on the turnover of the specific company involved or the entire corporate group. Until now, it was unclear whether only the turnover of the individual entity responsible for the violation should be … Read more

Categories Data Protection Authority, Fines, GDPR Tags Compensation, Data Protection, ecj, GDPR

€50 Million Fine Against ORANGE for Unauthorized Advertising and Cookie Reading

29. January 202528. January 2025 by Debora Timoteo

The French data protection authority CNIL announced in a recent press release that a fine of €50 million has been imposed on the telecommunications provider ORANGE. The penalty was issued due to unauthorized inbox advertising and reading of cookies despite users withdrawing consent. This decision highlights the strict stance of data protection authorities against companies … Read more

Categories Fines, GDPR Tags Consent Withdraw, Cookie, GDPR, Unauthorized Advertising

Contact

Sitemap