Restaurant

Not Available

Insufficient technical and organisational measures to ensure information security

Decision Date

January 1, 2020

Authority

Data Protection Authority of Hamburg

DE

Sector

Accomodation and Hospitality

Country

DE

Law

GDPR

Status

FINAL

Description

In order to combat the Covid 19 pandemic, a restaurant had put out an open list in which visitors had to enter their contact data. The fact that the list was openly displayed would have made it possible for unauthorized third parties to gain access to the data.

Legal Citations

Art. 32

Issues & Violations

Insufficient technical and organisational measures to ensure information security
View Official Document
Back to Fines Database
Previous Fine
Data Protection Authority of Hamburg - Restaurant...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.