The CNIL punishes a company accused of sending spam email in the French. The company is fined €7,300 by the CNIL for breaching of the GDPR on December 31, 2020.
GDPR: Two-person small business is fined €7,300 - UniConsent
The CNIL is the federal Data Protection Authority for France. The authority is established in Paris and is in charge of enforcing GDPR for France.
The CNIL requires that companies collect the consent before sending prospecting emails and to be able to prove the consent.
The very small company employs only two people sent commercial prospecting emails without proof of the prior consent.
Five breaches were identified following checks carried out by the supervisory authority CNIL:
The company must comply within 2 months otherwise it is exposed to the payment of a fine of €1,000 per day of delay.