From the CNIL, the French data protection authority:
SPARTOO is specialized in the online shoe sales sector. For this activity, it has a website accessible in thirteen countries of the European Union.
The CNIL inspected the company in May 2018, and noted shortcomings concerning the data of customers, prospects and employees. The President of the CNIL therefore decided to initiate a sanctioning procedure against the company in 2019.
The customers and prospects of the company concerned being located in several European countries, the CNIL cooperated throughout the procedure with the other European authorities concerned with a view to adopting the sanction decision.
On the basis of the investigations carried out, the restricted committee – the CNIL body responsible for imposing sanctions – considered that the company had failed to meet several obligations provided for by the GDPR