Belgium
Technology Company
177,000 €
GDPR enforcement action by Belgian Data Protection Authority (APD) on 2026-05-12.
Rank · Sector
#18
of 212 in Employment
Rank · Belgium
#4
of 50
Rank · All fines
#382
of 3,039
Case details
- Authority
- Belgian Data Protection Authority (APD)
- Date
- 2026-05-12
- Controller / Processor
- Technology Company
- Sector
- Employment
- Quoted Articles
- Art. 5 (1) a) GDPR, Art. 6 (1) GDPR, Art. 12 GDPR, Art. 13 GDPR
- Type of violation
- Insufficient legal basis for data processing
Summary
The Belgian DPA has imposed a fine of EUR 177,000 on a technology company. The controller failed to delete a former employee's email account, resulting in personal data being processed without sufficient legal basis. The controller only deactivated the email account after a certain period of time, which cannot be considered a deletion, which would have been necessary. Additionally, the controller failed to adequately inform the data subject regarding the processing.
Open original source
Links to the regulator's original publication or another source.
Related fines
Belgium
2020-07-14
600,000 €
ETid-344
Google Belgium SA
Media, Telecoms and Broadcasting
Belgium
2022-04-04
200,000 €
ETid-1116
Brussels Airport Zaventem
Transportation and Energy
Belgium
2024-12-17
200,000 €
ETid-2521
Hospital
Health Care
Belgium
2024-01-16
174,640 €
ETid-2225
Black Tiger Belgium
Industry and Commerce
Belgium
2026-05-12
120,000 €
ETid-3174
Isabel SA
Finance, Insurance and Consulting
Belgium
2021-04-26
100,000 €
ETid-664
Financial company
Finance, Insurance and Consulting