Den Blå Avis (DBA), an online platform for second-hand goods, was found to be using deceptive patterns by the Danish DPA during their processing of personal data of website visitors. The DPA's investigation revealed that DBA had not obtained valid consent from visitors due to hidden information and bundling of consent. By clicking "accept," personal data was processed for multiple purposes, including marketing and personalisation, without clearly stating these purposes. Furthermore, DBA did not adequately inform visitors that their data would be shared with third parties, nor did they provide a link or menu in relation to the purpose for data sharing. The DPA assessed the second consent manager and found that the issues with the first CMP were still present, concluding that neither consent manager was adequate to obtain consent in accordance with Article 4(11) GDPR. The processing was therefore not in compliance with the principle of legality, reasonableness, and transparency outlined in Article 5(1)(a) GDPR.