{"id":5921,"date":"2025-03-04T09:55:34","date_gmt":"2025-03-04T09:55:34","guid":{"rendered":"https:\/\/avacysolution.com\/?p=5921"},"modified":"2025-03-05T11:01:08","modified_gmt":"2025-03-05T11:01:08","slug":"il-caso-maddalena-lines-srl","status":"publish","type":"post","link":"https:\/\/avacysolution.com\/en\/blog\/news\/the-case-of-maddalena-lines-srl\/","title":{"rendered":"The case of Maddalena Lines Srl: the errors highlighted by the Privacy Guarantor and what changes for websites."},"content":{"rendered":"

In recent months, the Privacy Guarantor<\/strong> has intensified checks on user consent management and the use of cookies on websites. The good news? For now, no fines. The bad news? Warnings<\/strong> have piled up, signaling that the grace period is ending, and those who do not comply with privacy rules may soon find themselves in trouble.<\/p>\n\n\n\n

A key element in this case is that these checks were not<\/strong> initiated following user reports but rather on the direct initiative of the Privacy Guarantor. In other words, the Authority decided not to wait for complaints but to proactively ensure that websites comply with the regulations.<\/p>\n\n\n\n

One of the most emblematic cases is that of Maddalena Lines Srl<\/strong>, a company that received a warning for non-compliant cookie banner<\/strong> management.<\/p>\n\n\n\n

Let's look at the details of the errors identified and what changes for website administrators.
<\/p>\n\n\n\n

Errors attributed to Maddalena Lines by the Privacy Guarantor:<\/h2>\n\n\n\n

1. The cookie banner was misleading and unnecessary<\/h3>\n\n\n\n

Maddalena Lines claimed to only use technical cookies<\/strong>, i.e., those essential for the website's functioning and that do not require user consent<\/strong>.<\/p>\n\n\n\n

So, why was the site still showing a cookie banner<\/strong>? This created confusion because users were prompted to interact with something unnecessary, giving the impression that they had to accept data processing that was not actually taking place<\/strong>.<\/p>\n\n\n\n

\ud83d\udd34 Mistake<\/strong>: If you only use technical cookies, the banner is not needed<\/strong>. Its presence can mislead users into thinking that data processing is occurring when it isn\u2019t, which is considered misleading<\/strong>.<\/p>\n\n\n\n

Don't know how to set up the cookie banner for your website? Read the guide<\/a>.<\/p>\n\n\n\n

2. The banner message was inconsistent with cookie usage.<\/h3>\n\n\n\n

The banner displayed on the site included a message like:
<\/p>\n\n\n\n

\n

\u201cWe use cookies to personalize content and ads, provide social media features, and analyze our traffic. We also share information about how you use our site with our analytics, advertising, and social media partners, who may combine it with other information you\u2019ve provided them or collected from your use of their services.\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n

This type of message is perfectly legitimate<\/strong> if the site uses profiling cookies or third-party cookies<\/strong>.<\/p>\n\n\n\n

However, Maddalena Lines claimed to use only technical cookies<\/strong>, which means the message was false or misleading<\/strong>, as it implied tracking activities that did not take place.<\/p>\n\n\n\n

\ud83d\udd34 Mistake<\/strong>: The banner must accurately<\/strong> reflect the actual use of cookies on the site. If no profiling or third-party cookies are used, users should not be led to believe otherwise.<\/p>\n\n\n\n

Don't know how to set up the cookie banner for your website? Read the guide<\/a>.<\/p>\n\n\n\n

3. Lack of a direct link to the cookie policy<\/h3>\n\n\n\n

Another issue? The banner did not contain a direct link to the cookie policy<\/strong>.<\/p>\n\n\n\n

According to the regulations, users must be able to easily access information about the cookies used on the site. In this case, however, there was no link<\/strong>, not even in the \"Show details\" section, making data management less transparent.<\/p>\n\n\n\n

\ud83d\udd34 Mistake<\/strong>: The cookie policy must be easily accessible and direct<\/strong>, without requiring users to search for it on the site.<\/p>\n\n\n\n

To learn more, read \"Difference Between Cookie Policy and Privacy Policy: Complete Guide<\/a>\" now.<\/p>\n\n\n\n

4. No option to close the banner without accepting cookies<\/h3>\n\n\n\n

Another issue reported by the Privacy Guarantor: the banner did not provide an option to close it without accepting cookies<\/strong>.<\/p>\n\n\n\n

In practice, users were forced to choose between \u201caccept\u201d and \u201creject\u201d<\/strong> but were not offered a convenient \"X\" to close the banner and continue browsing.<\/p>\n\n\n\n

\ud83d\udd34 Mistake:<\/strong> GDPR guidelines state that users must be able to reject cookies as easily as they can accept them<\/strong>. Without a close button, the banner becomes coercive<\/strong>.<\/p>\n\n\n\n

To learn more: \"Cookie wall and cookie paywall: what they are and legal implications<\/a>“.<\/p>\n\n\n\n

5. No granular consent management<\/h3>\n\n\n\n

Finally, Maddalena Lines did not allow users to choose which cookies to accept and which to reject<\/strong>.<\/p>\n\n\n\n

If a website uses profiling or third-party cookies, it must give users the ability to select individual categories of cookies they want to enable.<\/p>\n\n\n\n

\ud83d\udd34 Mistake: <\/strong>Forcing a \u201call or nothing\u201d acceptance is not compliant<\/strong> with GDPR rules.<\/p>\n\n\n\n

Read more: \"How to collect marketing profiling consent: everything you need to know<\/a>“.<\/p>\n\n\n\n

Risks for those who do not comply:<\/h2>\n\n\n\n

The Authority's action shows that compliance with data protection regulations<\/strong> is no longer an option but a necessity. With increasing inspections<\/strong> and a more proactive<\/strong> approach from the Authority, website owners must ensure GDPR compliance<\/a><\/strong>, avoiding mistakes that could lead to unpleasant consequences.<\/p>\n\n\n\n

1. Possible financial penalties<\/h3>\n\n\n\n

For now, the Authority has chosen the path of a warning<\/strong>, giving companies time to comply. However, in the past, significant fines<\/strong> have already been imposed for privacy regulation violations<\/strong>.<\/p>\n\n\n\n

Penalties for failing to comply with cookie and consent management rules can reach up to 4% of global annual revenue or \u20ac20 million<\/strong>, whichever is higher. In some cases, even seemingly minor errors<\/strong>, such as the absence of a clear option to reject cookies or misleading information, can be considered violations and lead to sanctions.<\/p>\n\n\n\n

2. Worsening of the user experience<\/h3>\n\n\n\n

A poorly designed cookie banner is not just a legal issue; it can also affect the user experience on the website<\/strong>.<\/p>\n\n\n\n

If the banner is too invasive, forces unnecessary actions, or does not allow users to continue browsing without accepting cookies, they may simply abandon<\/strong> the site. This leads to:<\/p>\n\n\n\n