France: Concluded investigation into VOODOO data protection breaches following a compliance review

On 28 September 2023, the Commission on Informatics and Liberty (CNIL) confirmed that VOODOO has complied with an injunction issued by the data protection agency in the Deliberation of 29 December 2022. The injunction consisted of an order to request user consent, a EUR 3 million fine for data protection breaches and an additional EUR 20'000 per day fine in case of further non-compliance at the end of a three-month grace period. The CNIL determined that VOODOO implemented a pop-up window to request user consent, allowing VOODOO and its partners to collect technical data such as advertising identifiers and the user's IP address, and informed users that this data would be used for personalised advertising and content performance assessment. The CNIL found that the requirements set by the injunction have been met and that the additional fee will not be imposed.