🎙⏯ GDPR, AI & Cybersecurity: Upcoming webinars and replays 🎙⏯ GDPR, AI & Cybersecurity: Upcoming webinars and replays 🎙⏯ GDPR, AI & Cybersecurity: Upcoming webinars and replays 🎙⏯ GDPR, AI & Cybersecurity: Upcoming webinars and replays
Call us on +(33)4 28 70 91 81
Log in

The CNIL imposes a fine of 900,000€ on a data brokerage company

Home CNIL Violations Report The CNIL imposes a fine of 900,000€ on a data brokerage company
The May 15, 2025, the CNIL sanctioned SOLOCAL MARKETING SERVICES for having:❌ canvassed millions of people without their consent,

❌ transmitted their data to partners without legal basis,

❌ been unable to prove consent collected through its partners.

Result:

  •   A fine of 900,000€
  •   An injunction to immediately stop illegal campaigns
  •  A penalty of 10,000€ per day if the company does not comply within 9 months

To remember:

  •   You are responsible for compliance, even if you are not the original collector and go through a broker.
  •   You must be able to prove consent in B2C: absence of proof = sanction.
  •   In addition to the fine, reputation, ability to prospect and customer trust are plummeting.

Advice from our experts:

The collection of data for the purpose of transmitting it to partners is not prohibited, provided that the legal framework is respected. You must inform users clearly and transparently on the following points:

  • Data collection : during collection, you must indicate by information that the data entered by users is collected, and for what purposes. If the legal basis for collecting this data is consent, this must be collected using an unpre-checked checkbox.
  • Transmission to partners : you must specify that the data collected may be transmitted to partners, and for what purposes. These partners or categories of partners must be clearly identified. The legal basis is usually consent, which must also be obtained through an unpre-checked checkbox.

Templates for disclosures are also available in our platform to help you inform users in a clear, concise manner and in compliance with GDPR requirements.

Attention: if certain partners are located outside the European Union, you must indicate this in your privacy policy and mention the guarantees governing these transfers (for example: standard contractual clauses, adequacy decisions, etc.). A template is available in our platform to help you.

🔗 Read the official CNIL press release

At Data Comply One (formerly Mission RGPD), we help you accelerate and manage your compliance with complete peace of mind thanks to our digital platform. And if you lack time or internal resources, our outsourced DPO offer takes over: you entrust the complete management of your GDPR compliance to a dedicated expert.

Other articles
on the same subject