Details:
| Summary | The Spanish DPA has imposed a fine on PELAYO, MUTUA DE SEGUROS Y REASEGUROS A PRIMA FIJA. An individual had filed a complaint with the DPA because the controller had disclosed their personal data to unauthorized third parties due to an internal error. The DPA found that the controller had failed to implement adequate technical and organizational measures to protect personal data. The original fine of EUR 70,000 was reduced to EUR 42,000 due to voluntary payment and admission of guilt. |
| Link: | link |
| Related articles: | Art. 5 (1) f) GDPR, Art. 32 GDPR |
| Type: | Non-compliance with general data processing principles |
| Fine: | EUR 42,000 |
| Sector | Finance, Insurance and Consulting |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/