Company
€8,900
Insufficient technical and organisational measures to ensure information security
Ημερομηνία απόφασης
1 Ιανουαρίου 2022
Αρχή
Data Protection Authority of Niedersachsen
DE
Τομέας
Industry and Commerce
Χώρα
HU
Νόμος
GDPRΚατάσταση
FINALΠεριγραφή
The DPA of Niedersachsen imposed a fine of EUR 8,900 on a company. The company had a customer database on the Internet with thousands of entries. During its investigation, the DPA found that the only access protection the company had implemented was a long-form web address but not additional measures such as password-protected access. The controller relied on the fact that the web would not become known.
Νομικές παραπομπές
Art. 32
Θέματα & Παραβάσεις
Insufficient technical and organisational measures to ensure information security