Croatia
Company
20,000 €
GDPR enforcement action by Croatian Data Protection Authority (azop) on 2024-02-26.
Rank · Sector
#33
of 218 in Not assigned
Rank · Croatia
#25
of 43
Rank · All fines
#1,109
of 3,050
Case details
- Authority
- Croatian Data Protection Authority (azop)
- Date
- 2024-02-26
- Controller / Processor
- Company
- Sector
- Not assigned
- Quoted Articles
- Art. 6 (1) GDPR, Art. 7 GDPR, Art. 13 (1), (2) GDPR
- Type of violation
- Insufficient legal basis for data processing
Summary
The Croatian DPA has imposed a fine of EUR 20,000 on a company. The controller processed personal data through cookies without obtaining valid consent. Data subjects were not given the opportunity to give informed consent before non-essential cookies were used because the cookies were loaded before they could do so via the cookie banner. Additionally, the controller did not provide adequate cookie and privacy information.
Open original source
Links to the regulator's original publication or another source.
Related fines
Croatia
2023-10-05
5,470,000 €
ETid-2063
Debt collection company
Finance, Insurance and Consulting
Croatia
2024-04-22
5,004,000 €
ETid-2303
Unknown
Not assigned
Croatia
2025-11-24
4,500,000 €
ETid-2937
Telecommunications operator (operator of electronic communications networks and services)
Media, Telecoms and Broadcasting
Croatia
2023-05-04
2,265,000 €
ETid-1816
Debt collection agency
Finance, Insurance and Consulting
Croatia
2025-12-18
1,500,000 €
ETid-3102
Bank
Finance, Insurance and Consulting
Croatia
2023-05-18
380,000 €
ETid-1859
Sports betting operator
Industry and Commerce