GDPRGovernment

Public Industrial and Commercial Establishment

€400,000

Authority

CNIL

Country

France

Date Issued

October 29, 2021

Industry

Government

Summary

A public industrial and commercial establishment was fined €400,000 by CNIL for failing to comply with data minimization and accountability principles, maintaining excessive data retention periods, and inadequate data security measures.

Violation Types

SecurityData RetentionData Collection

Articles Violated

View original enforcement decision

Related Enforcement Actions

Meta Platforms Ireland

DPC · GDPR · May 22, 2023

€1.2B

Amazon Europe Core

CNPD · GDPR · July 16, 2021

€746M

X Corp

DPC · GDPR · December 1, 2023

€550M

Meta Platforms Ireland

DPC · GDPR · September 5, 2022

€405M

Meta Platforms Ireland

DPC · GDPR · January 4, 2023

€390M

Avoid enforcement risk with automated compliance

IQWorks helps organizations automate GDPR compliance before regulators come knocking.

Talk to an Expert