The sanctions issued by the CNIL
The sanctions issued by the CNIL’s restricted committee since the entering into force of the GDPR.
| Date | Name or type of organization |
Main breaches/ Theme subject |
Adopted decision |
|---|---|---|---|
|
1/21/2019 |
OS AND SERVICES |
Lack of transparency, unsatisfying information and lack of valid consent |
Monetary penalty of 50 000 000 euros |
|
1/31/2019 |
ONLINE SEARCH ENGINE |
De-listing |
Dropping of charges |
|
1/31/2019 |
PROPERTY MANAGEMENT COMPANY |
Security and personal data retention period |
Dropping of charges |
|
1/31/2019 |
NATIONAL PUBLIC ADMINISTRATION |
Personal data security breach |
Injunction with periodic penalty payment |
|
5/28/2019 |
PROPERTY MANAGEMENT COMPANY |
Personal data security breach and non-compliance with the retention periods |
Monetary penalty of 400 000 euros |
| 6/13/2019 | TRANSLATION COMPANY |
Inadequate and excessive data, irrelevant, unsatisfying information, personal data security breach Video surveillance |
Monetary penalty of 20 000 euros, injunction with periodic penalty payment |
| 7/18/2019 | INSURANCE INTERMEDIARY COMPANY |
Personal data security breach |
Monetary penalty of 180 000 euros |
| 10/10/2019 | EARLY CHILDHOOD PHOTOGRAPHY COMPANY |
Failure to comply with the rights of access and to erasure, data security and confidentiality breach |
Monetary penalty |
| 11/21/2019 | ISOLATION EQUIPMENT INSTALLATION COMPANY | Inadequate, irrelevant and excessive data, lack of individual information, non-compliance with the right to object, lack of cooperation with the supervisory authority, no legal data transfer outside the UE | Monetary penalty of 500 000 euros |
| 30/12/2019 | HELP TO DISABLED AND ELDERLY INDIVIDUALS |
Infringements on data retention limitation principle Unsatisfying information Infringements to the obligation of security by processor |
Monetary penaly, injunction with periodic penalty payment |
| Date | Name or type of organization |
Main breaches/ Theme subject |
Adopted decision |
|---|---|---|---|
|
1/8/2018 |
HOUSEHOLD APPLIANCES RETAIL |
Personal data security breach Website |
Monetary penalty |
|
5/7/2018 |
OPTICAL RETAIL |
Personal data security breach Website |
Monetary penalty |
|
6/21/2018 |
ASSOCIATION |
Personal data security breach Website |
Monetary penalty |
| 6/26/2018 | PROXIMITY FREIGHT TRANSPORT ROAD | Failure to comply with the rights of access (especially on tachograph data) | Injunction with periodic penalty payment |
| 7/24/2018 | PRESS GROUP | Personal data security breach and non-compliance with the retention periods | Monetary penalty of 400 000 euros |
| 7/24/2018 | VIDEO-SHARING PLATFORM |
Personal data security breach Website |
Monetary penalty |
| 7/24/2018 | SOCIAL BUILDING CONSTRUCTION & MANAGEMENT | Personal data misuse | Monetary penalty |
| 7/24/2018 | METAL TREATMENT AND COATING COMPANY | Lack of answer to an order to comply from the CNIL | Monetary penalty |
| 9/6/2018 | ASSOCIATION |
Personal data security breach Website |
Monetary penalty |
| 9/6/2018 | ELEVATORS AND PARKING CCTV |
Excessive data, unsatisfying information, lack of personal data security and confidentiality Phone communication recording/Biometrics |
Monetary penalty |
| 12/19/2018 | PRIVATE TRANSPORTS COMPANY |
Personal data security breach Mobile application |
Monetary penalty |
| 12/26/2018 | TELECOM PROVIDER |
Personal data security breach Website |
Monetary penalty |