Details:
Summary | According to the AEPD, the company had not been able to demonstrate adequate measures to ensure information security, leading to unauthorized access to personal data of a client. |
Link: | link |
Related articles: | Art. 5 (1) f) GDPR, Art. 32 GDPR |
Type: | Insufficient technical and organisational measures to ensure information security |
Fine: | EUR 42,000 |
Sector | Media, Telecoms and Broadcasting |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/