Data-Scraping: A Clear Limitation by the French Data Protection Authority on Direct Marketing Practices Using Data from Third Party Services

Image gallery

A newspaper JDSupra informed about recent activities of French authorities regarding the GDPR:

"The French Supervisory Authority (CNIL) wrapped up 2020 with a EUR 20,000 fine against NESTOR, a French food preparation and delivery company catering to office employees (see full decision here in French). The CNIL highlighted various breaches of the General Data Protection Regulation (GDPR) 2 and the ePrivacy Directive regarding the processing of prospects and clients’ personal data by the CNIL, most notably:

  • The lack of prior consent of the prospects to receiving direct marketing communication by electronic means, thereby violating Article L.34-5 of the French Post and Electronic Communications Code (CPCE);3
  • The failure to properly inform individuals4 whether:
    • Upon the creation of their account on the company’s platform, or
    • Upon indirect collection through external sources;
  • The failure to properly address Data Subjects’ Access Requests (DSAR).5"

To see the complete article follow this link


No results found
No results found
Try adjusting your search or filter to find what you're looking for.
There are no items