Iberdrola Clientes

€24,000

Non-compliance with general data processing principles

Decision Date

July 2, 2020

Authority

Spanish Data Protection Authority (aepd)

ES

Sector

Transportation and Energy

Country

ES

Law

GDPR

Status

FINAL

Description

A third person had received an electricity bill with personal details such as name, address and bank account of another customer. The reason for this was that Iberdola Clientes was not able to guarantee adequate security measures in the processing of the personal data of the data subject, in violation of the principles of data integrity and confidentiality. The fine of €40,000 has been reduced to €24,000 due to voluntary payment.

Legal Citations

Art. 5

Issues & Violations

Non-compliance with general data processing principles
View Official Document
Back to Fines Database
Previous Fine
Data Protection Authority of Ireland - Tusla Child...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.