Since the beginning of this year, the Personal Data Protection Office has issued fines of almost CZK 4,500,000 for breaches of the GDPR in connection with the processing of personal data via cookies.
According to the Personal Data Protection Office, the most common or most significant breaches include:
1) saving so-called non-technical cookies on users’ devices without their consent (for this offence the Personal Data Protection Office has imposed the highest fine of CZK 898,000);
2) deficiencies in consent to the processing of personal data (in particular, insufficient information to users about the processing);
3) insufficient information about cookies (insufficient classification of particular cookies or information available only in English);
4) the impossibility or significant complication of withdrawing the consent with the processing of personal data via cookies;
5) placing the option to “consent” or “not consent” to the use of cookies in different layers within the cookie bar;
6) the cookie bar is either unresponsive or insufficiently responsive to individual settings for the processing of personal data via cookies.
We have extensive experience with cookies and the processing of personal data. If you need assistance with cookies settings on your website, please do not hesitate to contact us, we will be happy to provide you with legal assistance.
By Matyas Kuzela, Partner, and Tomas Zwinger, Lawyer, Act Legal