IDFINANCE Spain, S.L.
€3,000
Insufficient technical and organisational measures to ensure information security
Дата на решението
1 февруари 2021 г.
Орган
Spanish Data Protection Authority (aepd)
ES
Сектор
Finance, Insurance and Consulting
Държава
ES
Право
GDPRСтатус
FINALОписание
The Spanish DPA (AEPD) imposed a fine of EUR 5,000 on IDFINANCE Spain S.L.. A person had received a debt collection email from IDFinance that contained a link for the payment of an invoice directly through the controller's website. Via the link, the person was able to view the personal data of another customer. The original fine of EUR 5,000 was reduced to EUR 3,000 due to immediate payment and admission of responsibility.
Правни цитати
Art. 5 (1)
Въпроси и нарушения
Insufficient technical and organisational measures to ensure information security