Cribis Credit Management s.r.l.
€10,000
Insufficient legal basis for data processing
Ημερομηνία απόφασης
9 Ιουνίου 2022
Αρχή
Italian Data Protection Authority (Garante)
IT
Τομέας
Finance, Insurance and Consulting
Χώρα
IT
Νόμος
GDPRΚατάσταση
FINALΠεριγραφή
The Italian DPA has fined Cribis Credit Management s.r.l. EUR 10,000. The company had inadvertently sent an e-mail about late payments on a subscription to the head of the data subject. This allowed the head to gain access to their employee's personal data such as name, surname and payment status information.
Νομικές παραπομπές
Art. 5 (1)Art. 6
Θέματα & Παραβάσεις
Insufficient legal basis for data processing