Unknown

€15,400

Insufficient involvement of data protection officer

Datum rozhodnutí

27. října 2021

Úřad

National Commission for Data Protection (CNPD)

LU

Sektor

Not assigned

Země

CZ

Právo

GDPR

Stav

FINAL

Popis

The Luxembourg DPA has imposed a fine of EUR 15,400 on a company. According to the DPA, the controller failed to involve the data protection officer in all matters related to the protection of personal data. In addition, contrary to the requirements of the GDPR, the data protection officer did not report directly to the highest management level; instead, there were two levels of hierarchy in between. Also, the controller did not have a data protection control plan in place to demonstrate that the data protection officer was performing their duties appropriately.

Právní citace

Art. 38 (1)Art. 39 (1)

Problémy a porušení

Insufficient involvement of data protection officer
Zobrazit oficiální dokument
Zpět na databázi pokut
Předchozí Pokuta
Bulgarian Commission for Personal Data Protection ...
Další Pokuta
Data Protection Authority of Hamburg (HmbBfDI) - C...

Aktualizujte informace o prosazování ochrany osobních údajů

Respektujeme vaše soukromí. Jeden e-mail měsíčně, žádný spam, kdykoli se můžete odhlásit.