ORANGE BANK, S.A. SUCURSAL EN ESPAÑA

€200,000

Insufficient technical and organisational measures to ensure information security

Dato for beslutning

14. februar 2025

Myndighed

Spanish Data Protection Authority (aepd)

ES

Sektor

Finance, Insurance and Consulting

Land

ES

Lovgivning

GDPR

Status

FINAL

Beskrivelse

The Spanish DPA (AEPD) has imposed a fine of EUR 200,000 on ORANGE BANK, S.A. SUCURSAL EN ESPAÑA. The AEPD reacted to multiple complaints of private individuals regarding a data leak. ORANGE BANK (the controller) used a data processor for the processing of personal data. ORANGE BANK was unable to ensure that necessary technical and organizational measures had been taken, resulting in the infringement of Art. 5 (1) f) GDPR. Additionally, the AEPD decided that the present infringement is particularly serious, due to the fact, that ORANGE BANK processes large amounts of data resulting in an increased demand towards the internal processes regarding data protection and security. Lastly the AEPD ordered ORANGE BANK to bring their processes into compliance with the GDPR within 6 months after the decision becomes final and enforceable.

Juridiske citater

Art. 5 (1)

Problemer og overtrædelser

Insufficient technical and organisational measures to ensure information security
Se officielt dokument
Tilbage til bøde-databasen
Forrige bøde
Spanish Data Protection Authority (aepd) - Vodafon...
Næste bøde
Data Protection Authority of Hamburg (HmbBfDI) - C...

Hold dig opdateret om håndhævelse af privatlivets fred

Vi respekterer dit privatliv. En e-mail om måneden, ingen spam, afmeld når som helst.