All company websites used cookies but according to the AEPD failed to inform rightfully about cookies and collect their users’ consent to cookies.
First fine – USED COOKIES WITHOUT USER CONSENT
The Innova Resort S.L. is fined €3.000 for storing analytics and advertising cookies without requesting their users’ consent.
Cookies were stored onto the visitors’ computers without the user carrying out any action. Furthermore, users were instructed to use browser settings to control and delete cookies.
Fine number 2 – NO WAY GIVEN TO SITE USERS TO CONTROL COOKIES
The Garantiza Automoción S.L. has also been fined €3.000 for not presenting users with a cookie banner or cookie pop-up.
Thereby, the website did not provide users with the opportunity to be informed about cookies or to make any choices regarding the cookies which were stored on their computers.
Fine number 3 – SETTING UN-NECESSARY COOKIES WITHOUT CONSENT
The AEPD has fined Petrolis Independents S.L. €3.000 for not letting users choose between which cookies to accept and which to reject.
Again, cookies are stored on the users’ computers as they enter the site before they have accepted or rejected cookies.
Therefore, AEPD holds that Twitter has violated Spanish Data Protection laws. The AEPD has required Twitter to take appropriate actions within one month.
See our post on: What is classed as a GDPR data breach?