Mr. A.A.A. (Claimant) v. Just Landed, S.L.

€ 3000 in fines


Just Landed, a Spanish entity, has been fined by the Spanish DPA for having a privacy policy written only in English and not providing a mechanism to accept, reject or manage cookies.

Our analysis

The Spanish DPA has fined the entity behind the URL.1 website for violating GDPR and LOPDGDD regulations. The website's privacy policy was written only in English, despite the entity being located in Spanish territory which amounts to language discontinuity. Additionally, the website did not have a banner or notice related to the existence of cookies, and there was no link or mechanism for users to accept, reject or manage cookie installation. Cookies were loaded automatically without any prior action, amounting to forced action. These deceptive patterns violate article 13 of the GDPR, which requires the provision of information to interested parties at the time of data collection.


The outcome is a €3,000 sanction for improper use of data storage and recovery devices without consent. JUST LANDED, SL must include a Spanish "privacy policy" and information on cookies, with a mechanism for users to manage preferences. They must also ensure cookies are not installed unnecessarily. Failure to comply may result in a €30,000 fine.


Mr. A.A.A. (Claimant) and Just Landed, S.L.

Case number


Related deceptive patterns

Related laws

Legal enforcement database by Leiser, Santos and Doshi

The information about laws and cases on this website is brought to you by the Leiser, Santos and Doshi enforcement database.

About us