GDPRAdvertising

Company Engaged in Marketing Tools Development

€1,000,000

Authority

CNIL

Country

France

Date Issued

December 11, 2025

Industry

Advertising

Summary

A marketing tools development company was fined €1,000,000 by CNIL for unjustified retention of data and unauthorized data processing by a sub-processor not approved by the data controller. The company failed to maintain proper processing activity records as required under GDPR.

Violation Types

Data RetentionProcessor ObligationsData Processing

Articles Violated

View original enforcement decision

Related Enforcement Actions

Meta Platforms Ireland

DPC · GDPR · May 22, 2023

€1.2B

Amazon Europe Core

CNPD · GDPR · July 16, 2021

€746M

X Corp

DPC · GDPR · December 1, 2023

€550M

Meta Platforms Ireland

DPC · GDPR · September 5, 2022

€405M

Meta Platforms Ireland

DPC · GDPR · January 4, 2023

€390M

Avoid enforcement risk with automated compliance

IQWorks helps organizations automate GDPR compliance before regulators come knocking.

Talk to an Expert