The Cnil, the French personal data policeman, has fined TotalEnergies a million euros, for not having respected in particular the obligations in terms of "
commercial prospecting and the rights of persons
", she said. announced Thursday.
The Commission indicated that it had received "
several complaints
" concerning the difficulties encountered by customers in the French energy producer and supplier taking into account "
their requests for access to their data
" and "
objection to receiving commercial prospecting calls
”.
Read also12 cents instead of 10: TotalEnergies is revising its discount upwards for motorway stations this summer
The amount of the fine was decided "
in view of the breaches identified as well as taking into account all the measures taken by the company during the procedure to bring itself into compliance
", specified the Cnil in its press release. .
Four failures
The company offered, on its website, a subscription form for an energy contract in which the user acknowledged giving his consent for the use of his personal data in order to subsequently receive commercial offers, without having the possibility of s oppose it.
However, according to the personal data policeman, the checks carried out made it possible to highlight four breaches of the General Data Protection Regulations (GDPR).
Read alsoLeak of 500,000 medical files: the Cnil imposes a fine on Dedalus
In July 2021, the social protection group AG2R La Mondiale received a fine of 1.75 million euros for non-compliance with the GDPR.
In particular, he was accused of not having provided all the elements required by the GDPR to people canvassed by telephone by subcontractors.
However, the company had taken measures to correct these shortcomings, which the Cnil body responsible for sanctions had "
taken note
of ".