General Data Protection Regulation (GDPR) - Imposed Fines

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
GDPR - Imposed Fines
Date Company Amount Fined By Main Reason(s) Source(s)
2019-01-21 Google €50 million France (CNIL) "...lack of transparency, inadequate information and lack of valid consent regarding the ads personalization."[1]
2018-10 Hospital do Barreiro €400,000 Portugal (CNPD) "...based on access policies to databases, which allowed technicians and physicians to consult patients’ clinical files, without proper authorization."[2]
2018-11-21 (German social network) €20,000 Germany (Baden-Württemberg) "...unauthorized access to and disclosure of personal data of around 330,000 users, including passwords and email addresses."[3]


  1. ^ "The CNIL's restricted committee imposes a financial penalty of 50 Million euros against GOOGLE LLC | CNIL". Retrieved 2019-01-24.
  2. ^ "Cuatrecasas". Retrieved 2019-01-24.
  3. ^ "HL Chronicle of Data Protection | Privacy Attorneys & Data Security Lawyers | Hogan Lovells". HL Chronicle of Data Protection. Retrieved 2019-01-24.