GDPRRetail

Online Commerce

€250,000

Authority

CNIL

Country

France

Date Issued

July 28, 2020

Industry

Retail

Summary

Online Commerce failed to apply data minimization principles, retained personal data beyond necessary periods, failed to provide adequate information to individuals, and did not ensure proper security and confidentiality of personal data. CNIL imposed a €250,000 fine and enforcement order.

Violation Types

Data CollectionData RetentionTransparencySecurity

Articles Violated

View original enforcement decision

Related Enforcement Actions

Meta Platforms Ireland

DPC · GDPR · May 22, 2023

€1.2B

Amazon Europe Core

CNPD · GDPR · July 16, 2021

€746M

X Corp

DPC · GDPR · December 1, 2023

€550M

Meta Platforms Ireland

DPC · GDPR · September 5, 2022

€405M

Meta Platforms Ireland

DPC · GDPR · January 4, 2023

€390M

Avoid enforcement risk with automated compliance

IQWorks helps organizations automate GDPR compliance before regulators come knocking.

Talk to an Expert