Excessive retention period of users' health data, no collection of their consent, failure to comply with the obligation to secure personal data... The Doctissimo site was fined 380,000 euros for failing to comply with obligations under the GDPR (General Data Protection Regulation), said the CNIL on Wednesday.
i️🔴 The CNIL imposes a penalty of 380,000 euros against the company DOCTISSIMO for failing to comply with obligations of the #RGPD and for not having respected the rules on #cookies 👉 https://t.co/at0x5sVDNg pic.twitter.com/SbCxbsO2Ny
— CNIL (@CNIL) May 17, 2023
The website, owned by the Reworld Media group, will have to pay a fine of 280,000 euros under the European Data Protection Regulation (GDPR) for personal and health data kept indefinitely and collected without consent, as well as a fine of 100,000 euros for infringements relating to cookies, according to the document.
> More information to come