The CNIL, France’s data protection authority, recently fined two online clairvoyance platforms, COSMOSPACE and TELEMAQUE, for serious breaches of the General Data Protection Regulation (GDPR). The penalties, €250,000 and €150,000 respectively, underline the importance of protecting users’ personal data, particularly in industries dealing with sensitive information.
Both companies collected excessive personal data from users during registration and online consultations, including details about health, finances, and personal relationships. The platforms failed to justify the necessity of gathering such comprehensive information. Furthermore, they did not provide users with clear, accessible information on how their data was being processed. In some cases, consent was improperly sought, violating GDPR’s stringent requirements for transparency and informed agreement.
Additionally, data security measures were deemed inadequate, leaving users vulnerable to potential breaches. TELEMAQUE faced further scrutiny for its failure to address these shortcomings despite earlier warnings from CNIL investigators.
These fines highlight the CNIL’s dedication to enforcing GDPR standards across all sectors. The authority continues to set an example, demonstrating that even niche markets like online clairvoyance must adhere to data protection laws. The decision serves as a warning to businesses that collect sensitive data to evaluate their compliance practices rigorously.
This case underscores the need for organizations to prioritize data minimization, user consent, and robust security measures. Clear communication with users about data practices is not just good ethics—it’s the law. Failing to do so risks significant fines and reputational damage.
For further details on the CNIL’s decision, visit their official website: CNIL
