GDPRHealthcare

Company Publishing a Website Offering Articles, Tests, Quizzes and Discussion Forums Related to Health and Wellness

€380,000

Authority

CNIL

Country

France

Date Issued

May 11, 2023

Industry

Healthcare

Summary

A health and wellness website operator was fined €380,000 by CNIL for multiple GDPR violations including insufficient consent for health data processing, inadequate data security measures, improper cookie and tracker consent, excessive data retention, and deficient processor oversight obligations.

Violation Types

ConsentSecurityCookiesData RetentionProcessor Obligations

Articles Violated

View original enforcement decision

Related Enforcement Actions

Meta Platforms Ireland

DPC · GDPR · May 22, 2023

€1.2B

Amazon Europe Core

CNPD · GDPR · July 16, 2021

€746M

X Corp

DPC · GDPR · December 1, 2023

€550M

Meta Platforms Ireland

DPC · GDPR · September 5, 2022

€405M

Meta Platforms Ireland

DPC · GDPR · January 4, 2023

€390M

Avoid enforcement risk with automated compliance

IQWorks helps organizations automate GDPR compliance before regulators come knocking.

Talk to an Expert