CNIL imposes joint accountability fines on a controller and processor for GDPR infringement

On 27 January 2021, CNIL fined a controller €150,000 and a processor €75,000 for EU (European Union) GDPR data protection infringements.  After receiving numerous personal data breach notifications from customers who were making purchases from the controller's website, CNIL initiated an investigation to analyse data processing activities of the website. The investigation was also [...]