Details:

Summary The company has erroneously disclosed personal data, including information about children, to unauthorized persons. In one case, the contact and location data of a mother and a child were disclosed to an alleged offender, and in two other cases, data about children in foster care were improperly disclosed to blood relatives, including in one case to a father in prison.
Link: link
Related articles:  Art. 5 GDPR, Art. 6 GDPR
Type: Insufficient legal basis for data processing
Fine: EUR 75,000
Sector Public Sector and Education

 

All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/

Tags: case law