Fines and sanctions under Law 25

The CAI can investigate complaints, order corrections, and impose administrative monetary penalties. Beyond fines, costs include reputation, project delays, and emergency fixes to public websites.

Common triggers

• Opaque or excessive collection via forms and trackers.
• Missed access or rectification deadlines.
• Poorly handled privacy incidents.
• Public site contradicting internal policy (cookies after refusal, outdated policy page).

Related: cookie banner, privacy policy.