Intesa Sanpaolo Vita S.p.a.
€20,000
Non-compliance with general data processing principles
Ημερομηνία απόφασης
7 Ιουλίου 2022
Αρχή
Italian Data Protection Authority (Garante)
IT
Τομέας
Finance, Insurance and Consulting
Χώρα
IT
Νόμος
GDPRΚατάσταση
FINALΠεριγραφή
The Italian DPA has fined Intesa Sanpaolo Vita S.p.a. EUR 20,000. The data subject, who had taken out a life insurance policy with the controller, had filed a complaint with the DPA against the controller for the unauthorized disclosure of their personal data. In the course of its investigation, the DPA found that the controller had disclosed personal data, such as first name, last name and information about the policy, to third parties without authorization. The unauthorized disclosure had occurred due to an employee's error.
Νομικές παραπομπές
Art. 5 (1)
Θέματα & Παραβάσεις
Non-compliance with general data processing principles