International Card Services B.V.
€150,000
Insufficient technical and organisational measures to ensure information security
تاريخ القرار
15 يناير 2024
الهيئة
Dutch Supervisory Authority for Data Protection (AP)
NL
القطاع
Finance, Insurance and Consulting
البلد
NL
القانون
GDPRالحالة
FINALالوصف
The Dutch DPA has imposed a fine of EUR 150,000 on International Card Services B.V. (ICS). ICS failed to carry out a data protection impact assessment before starting the digital identification of customers in the Netherlands in 2019. The identity check covered around 1.5 million people and involved sensitive personal data such as pictures of the data subjects.
الاستشهادات القانونية
Art. 35
القضايا والانتهاكات
Insufficient technical and organisational measures to ensure information security