In recent months, the Privacy Authority has intensified its checks on websites, hunting for those who do not comply with the rules on data processing and the use of cookies. Until recently, many sites "played dirty," hoping to go unnoticed, but today, the Privacy Authority is conducting independent checks, even without direct user reports.
After the Maddalena Lines and Capital Investment cases, now it’s Matrix Srl’s turn to come under the Authority’s scrutiny. The reason? Cookies activated without informing users, no banner on the first visit, and zero transparency regarding tracking methods.
If you have a website, this case could concern you more than you think. Let’s see what happened and what you can do to avoid problems.
The serious mistakes made by Matrix Srl
1. No cookie banner on first visit
Open a website for the first time and see no cookie notice? That’s illegal.
Matrix Srl did not display any cookie banner on the first visit, neither on the homepage nor on other pages of the site. However, according to the GDPR, every site that uses non-technical cookies must ask for user consent before activating them.
What does this mean? Visitors to the site were being tracked without their knowledge. And the Privacy Authority no longer turns a blind eye to these things.
Set up the cookie banner now with Avacy
Start now2. No cookie or privacy notice
If a user wanted to understand what data was being collected, for what purpose, and with whom it was being shared, they had no way to find out.
The site did not have an accessible notice, neither for cookies nor for privacy management. A double violation of the GDPR.
The rules state that every site must provide clear, detailed, and always-available information about:
- Types of cookies used (technical, profiling, third-party, etc.)
- Purposes of data collection (analytics, advertising, personalization, etc.)
- Parties with whom data is shared
- Methods for modifying preferences or withdrawing consent
Matrix Srl did not provide any of this.
Try Avacy's privacy and cookie policy generator now
Start now3. The site used cookies… but without saying so
The most serious part? Matrix Srl tracked users without informing them.
By performing a technical check using Chrome's “View all site permissions and data” feature, the Authority discovered that the website was installing cookies and collecting data without informing anyone.
This is one of the most serious GDPR violations because it means the site was collecting user information without consent and with no transparency.
To learn more: "Consent to personal data processing: everything you need to know for your website“.
What does this mean for your website?
This case makes one thing clear: the Privacy Authority is conducting checks without waiting for reports.
If your site is not compliant, you could be next. And no, the excuse "no one will notice" doesn’t apply anymore.
If your site:
- Doesn’t show a clear cookie banner on first access
- Doesn’t have a transparent privacy notice
- Installs cookies without asking for consent
…you are non-compliant. And the risk of receiving a warning (or worse, a fine) is real.
Make your website GDPR-compliant with Avacy
Start nowHow to get compliant and sleep peacefully
Adhering to the GDPR is not just a legal matter but also about trust. Users want to know how their data is being used and who is collecting it. Sites that don’t follow these rules will eventually get caught.
Here are the 3 essential things to do immediately:
- Implement a clear and compliant cookie banner that informs users and allows them to accept or reject cookies with equal ease.
- Provide a detailed and always-accessible privacy notice explaining which data is collected, how it’s used, and with whom it’s shared.
- Use a Consent Management Platform (CMP) to automate compliance and monitor for any irregularities.
The regulations are becoming stricter, and checks are more frequent. Relying on a professional solution like Avacy is the right choice to avoid problems and ensure your site is always compliant, transparent, and secure.
Avacy’s support for compliant privacy management
Getting your website compliant may seem complicated, but fortunately, there are tools designed to make everything easier and automated. Avacy is a professional solution for consent management and GDPR compliance, designed to help businesses and website owners adhere to privacy regulations without difficulty. Thanks to its advanced features, Avacy helps avoid mistakes, reduce legal risks, and ensure a transparent and secure user experience.
What Avacy offers:
1. GDPR-compliant cookie banners
Avacy provides a fully customizable cookie banner, compliant with the Privacy Authority’s guidelines and the GDPR. The system allows you to:
- Inform users clearly and transparently about the use of cookies.
- Offer the option to accept, reject, or customize consent with equal ease.
- Prevent the activation of non-technical cookies before consent, avoiding GDPR violations.
- Adapt graphically to the website, ensuring a smooth and uninterrupted user experience.
2. Advanced consent management
One of the main issues found on non-compliant websites is the incorrect management of consent. Avacy solves this problem by offering a comprehensive system that:
- Records and stores user preferences, ensuring traceability of consent.
- Allows users to modify or withdraw their consent at any time, as required by the regulation.
- Offers an intuitive interface for granular cookie management, allowing the selection of specific categories (e.g., technical cookies, profiling cookies, or third-party cookies).
- Ensures compatibility with major browsers and devices, avoiding functionality issues.
3. Constant compliance monitoring
Privacy regulations are continuously evolving, and the risk of being outdated can lead to fines and legal issues. Avacy offers a monitoring system that:
- Automatically updates settings based on the latest Privacy Authority and GDPR guidelines.
- Regularly checks the site for any undeclared cookies.
- Reports any non-compliance, allowing you to act promptly.
4. Easy and quick integration
Avacy is designed to be easily integrated into any website, without requiring advanced technical skills. Features include:
- Quick installation in a few simple steps.
- Compatibility with major CMS and e-commerce platforms (WordPress, Shopify, Magento, Joomla, etc.).
- A user-friendly interface that allows site owners to manage settings without the need for developers.
Detailed reports and audits
To ensure compliance with regulations, it is essential to monitor and document consent management. Avacy provides advanced tools to:
- Generate detailed reports on user preferences, recording every consent received.
- Provide real-time audits, useful to demonstrate compliance in case of inspections by the Privacy Authority.
- Offer a log of user preferences, which can be consulted and downloaded at any time.
Why choose Avacy?
Businesses and website owners can no longer afford to ignore privacy regulations. With more frequent checks and users becoming increasingly aware of their data protection rights, GDPR compliance is essential. Avacy is not just a simple cookie management tool, but a complete solution to ensure compliance and protect your business from legal and reputational risks.
Conclusion
The Matrix Srl case is just the latest example of how the Privacy Authority is intensifying checks on websites. The violations found – from the lack of a cookie banner to the unauthorized use of tracking cookies – demonstrate that ignoring regulations can lead to serious legal and reputational risks.
Adhering to the GDPR is no longer an option but a necessity for anyone managing a website. Being compliant means not only avoiding fines but also increasing user trust by offering them a transparent and secure experience.
Relying on a platform like Avacy helps automate privacy management, reduce risks, and ensure your site is always updated to regulations. With more frequent checks, it’s no longer worth taking the risk: getting your site compliant today means avoiding problems tomorrow.
