AEPD - PS/00032/2020
|AEPD - PS/00032/2020|
|Relevant Law:||Article 58(2) GDPR|
Article 22(2) LSSI
|National Case Number/Name:||PS/00032/2020|
|European Case Law Identifier:||n/a|
|Original Source:||AEPD (in ES)|
The Spanish DPA (AEPD) fined the airline Iberia €30000 for failing to give users of its website the option to reject all cookies upon visiting the website’s homepage.
English Summary[edit | edit source]
Facts[edit | edit source]
Dispute[edit | edit source]
Was the airline in breach of the GDPR or Spanish law?
Holding[edit | edit source]
The AEPD held that Iberia violated Article 22(2) of the Spanish Law on Information Society Services (LSSI) by failing to facilitate simple and/or free processes for users of their website to withdraw their consent. In its resolution, the AEPD held that following its own investigation in February 2020, Iberia was still not in conformity with several recommendations in the AEPD Guide on Cookies, nor was the option to reject all cookies available.
Comment[edit | edit source]
Share your comments here!
Further Resources[edit | edit source]
Share blogs or news articles here!
English Machine Translation of the Decision[edit | edit source]
The decision below is a machine translation of the Spanish original. Please refer to the Spanish original for more details.