UK DUAA right to complain enforces in -- days · 19 June 2026 EU AI Act high-risk enforces in -- days · 2 August 2026
OBEXGATE
Free AI Risk Assessment Does OBEXGATE apply to you?

Enforcement Intelligence

GDPR Enforcement Risk in Spain Hospitality

Real enforcement patterns. Operational governance signals. Practical remediation paths.

Analyse your AI governance risk

Free AI Risk Assessment Informational Meeting

Enterprise-grade AI governance without the enterprise team. Português, Français, Deutsch, Español, and English. 89 Articles, 4 Continents, within your budget and expertise level. Runtime AI Governance. For a demo: hello@obexgate.com

Enforcement Summary

Total finesEUR 207K
Enforcement actions50
Largest fineEUR 42K
Most common violationNon-compliance with general data processing principles
Primary regulatorSpanish Data Protection Authority (aepd)
Risk signal64

Top Violations

Structured violation patterns are shown only when supplied in the enforcement dataset.

Non-compliance with general data processing principles

Count
36

Insufficient fulfilment of information obligations

Count
6

Insufficient legal basis for data processing

Count
5

Insufficient data processing agreement

Count
1

Insufficient technical and organisational security measures

Count
1

Common Patterns

Operational patterns that repeat across enforcement records.

Real Examples

Examples are shown only when source-backed records are supplied.

Travel services company

Regulator
Spanish Data Protection Authority (aepd)
Date
2025-08-14
Fine amount
EUR 42K
Source
Source
Governance lesson
Non-compliance with general data processing principles

Hotel group

Regulator
Spanish Data Protection Authority (aepd)
Date
2025-12-20
Fine amount
EUR 32K
Source
Source
Governance lesson
Insufficient technical and organisational security measures

Cruise line operator

Regulator
Spanish Data Protection Authority (aepd)
Date
2023-07-07
Fine amount
EUR 15K
Source
Source
Governance lesson
Non-compliance with general data processing principles

Enforcement Pattern › Governance Control › Runtime Evidence

OBEXGATE Remediation Positioning

OBEXGATE turns enforcement patterns into operational controls and runtime evidence.

Enforcement Pattern Governance Control Runtime Evidence

Source and Update Positioning

Source datasetSpanish Data Protection Authority (AEPD)
Last updated2026-06-02

Language alternates

Related OBEXGATE links

Information contained is not medical advice, legal advice, or a guarantee of success. Regulatory requirements change and should be verified against current published guidance, legislation, and regulator materials.