Banca Comercială Română SA

€5,000

Insufficient technical and organisational measures to ensure information security

Ημερομηνία απόφασης

5 Μαΐου 2020

Αρχή

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

Τομέας

Finance, Insurance and Consulting

Χώρα

Νόμος

GDPR

Κατάσταση

FINAL

Περιγραφή

The data protection authority finds that the company has not taken adequate technical and organisational measures to ensure an adequate level of information security. This applies in particular to the collection and transmission of copies of customers' identification documents via WhatsApp.