Croatian DPA levies largest GDPR fine


The Croatian data protection authority (AZOP) handed down its largest penalty under the General Data Protection Regulation (GDPR) to date: a fine of nearly 2.3 million euros (U.S. $2.5 million) against debt collector B2 Kapital.

The enforcement action, announced in English in a May 4 press release by AZOP, is the first to include a GDPR fine surpassing seven figures in the country, according to the GDPR Enforcement Tracker. The previous high recorded was a penalty of €285,000 (then-U.S. $291,000) against a telecommunications firm in July.

AZOP said it uncovered violations of multiple articles of the GDPR at B2 in its investigation, several of which the regulator claims have still yet to be remedied.

lock iconTHIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.