Spain: AEPD fines Iberdrola Clientes €50,000 for GDPR violations
The Spanish data protection authority ('AEPD') issued, on 14 February 2020, a resolution ('the Resolution') in proceeding No. PS/00181/2019 against Iberdola Clientes, S.A.U., fining the company €50,000 for violating Article 6(1) of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). In particular, the Resolution outlines that Iberdola Clientes, an electricity utility company, terminated the contract of the individual claimant without their consent, registered three new contracts with the same, unlawfully processed their personal data, and communicated the claimant's personal data to a third party without a legal basis.
You can read the Decision, only available in Spanish, here.