Data Protection Academy » Data Protection News » 15.000 Euro data protection fine company Belgium

A person holds five euro notes in his hand. A symbolisation for the data protection fine against Belgian company

15,000 Euro data protection fine Belgium

Date: 17.12.2019

Responsible body: Belgian company

Type of privacy violation: Privacy penalty for Google tracking cookies

In Belgium, a €15,000 fine was imposed on a private company for setting Google tracking cookies on its website without first obtaining the consent of website visitors.

Without consent, website operators - among others in Belgium - have no legal basis for tracking cookies. In Belgium, national law stipulates that cookies are only permitted if they are technically necessary or required for the transmission of a communication or service provision.

Google tracking is also no longer possible in Germany without prior consent. The use of Google Tools is not based on a legitimate interest as a legal basis (Article 6, para. 1 f GDPR), because Google acts as a controller in its own right, not as a data processor. Thus, the use of Google Tools constitutes a transfer of data to third parties and requires consent in this country as well.

The latest CJEU ruling recently showed how this consent must be structured in order to be legally secure: consent must be explicit, informed, verifiable and revocable (Art. 7 GDPR).

Categories of data: Browser data, website behaviour data

Country: Belgium

Source: dataprotect.at

Back to the overview of the data breaches

Book demo