(022) 820 801 centru@datepersonale.md
DP header logo
img mobile menu img close mobile menu
ROENРу
ico search toggle
datepersonale.md
/
Comunicate
/
Fine in the amount of 40 million euros applied by the French Supervisory Authority to CRITEO for the infringement of the legal provisions stipulated in GDPR

Fine in the amount of 40 million euros applied by the French Supervisory Authority to CRITEO for the infringement of the legal provisions stipulated in GDPR

img 122 Views

The National Center for Personal Data Protection (NCPDP), for information and application purposes, communicates about the fine in the amount of 40 million euros applied by the French Supervisory Authority (CNIL) to CRITEO for the infringement of the legal provisions stipulated in GDPR.

 

CRITEO specialises in “behavioral retargeting”, which consists of tracking the navigation of Internet users in order to display personalised advertisements. To this end, the company collects the browsing data of Internet users thanks to the CRITEO tracker (cookie) which is placed on their terminals when they visit certain CRITEO partner websites. Then, it participates in real time bidding and displays personalised advertising if it has won the bid.

Following complaints lodged by the organizations Privacy International and None of Your Business, the CNIL carried out several investigations into CRITEO.

The French SA found five breaches of the GDPR:

·        Failure to demonstrate that the person has given consent (Article 7.1 GDPR)

·        Failure to comply with the obligation of information and transparency (Articles 12 and 13 GDPR)

·        Failure to respect the right of access (Article 15.1 GDPR)

·        Failure to comply with the right to withdraw consent and erasure of data (Articles 7.3 and 17.1 GDPR)

·        Failure to provide for an agreement between joint controllers (Article 26 GDPR)

In this context, the CNIL imposed a fine of 40 million euros on CRITEO. Pursuant to the one-stop shop set up by the GDPR, this decision was submitted to all the other 26 European supervisory authorities, since they were all concerned by this cross-border case and they all approved it.

The NCPDP, as national supervisory authority for personal data processing, emphasizes the responsibility of personal data controllers to comply with the provisions of legal framework on personal data protection and to ensure that personal data processing operations are in accordance with the legislation in force.

img
Reprezentanții Serviciului de Protecție și Pază de Stat instruiți în domeniul protecției datelor cu caracter personal

La data de 06 decembrie 2023, Centrul Național pentru Protecția Datelor cu Caracter Personal a organizat un curs de instruire în domeniul protecției datelor cu caracter personal pentru angajații Serviciului de Protecție și Pază de Stat (SPPS), la solicitarea acestora. Scopul cursului de instruire a fost de a spori gradul de percepție a angajaților SPPS […]

img 29 Views
img
Training course on personal data protection organized for representatives of the Chisinau Police Department

On 5 December 2023, the National Center for Personal Data Protection (NCPDP) organized a training course on personal data protection for employees of the Chisinau Police Department. The aim of the training course was to increase the perception of the employees of the Chisinau Police Department on the principles of personal data protection, as well […]

img 7 Views
img Video gallery
img Information