GDPRFinance

Society Issuing and Marketing Deferred Debit Payment Cards

€1,500,000

Authority

CNIL

Country

France

Date Issued

November 27, 2025

Industry

Finance

Summary

A French payment card company was fined €1.5 million by CNIL for violating GDPR requirements regarding user consent for cookies and tracking technologies. The violation involved failing to obtain proper consent from individuals before placing cookies on their devices.

Violation Types

ConsentCookies

Articles Violated

View original enforcement decision

Related Enforcement Actions

Meta Platforms Ireland

DPC · GDPR · May 22, 2023

€1.2B

Amazon Europe Core

CNPD · GDPR · July 16, 2021

€746M

X Corp

DPC · GDPR · December 1, 2023

€550M

Meta Platforms Ireland

DPC · GDPR · September 5, 2022

€405M

Meta Platforms Ireland

DPC · GDPR · January 4, 2023

€390M

Avoid enforcement risk with automated compliance

IQWorks helps organizations automate GDPR compliance before regulators come knocking.

Talk to an Expert