Azienda regionale per lo sviluppo e per i servizi in agricoltura (ARSAC)

€50,000

Non-compliance with general data processing principles

Decision Date

March 13, 2025

Authority

Italian Data Protection Authority (Garante)

IT

Sector

Public Sector and Education

Country

IT

Law

GDPR

Status

FINAL

Description

The Italian DPA imposed a fine of EUR 50,000 on the Regional agency for development and services in agriculture (ARSAC). The controller processed geographic data of its employees without sufficient legal basis. The controller also failed to provide sufficient informations in its internal documents regarding the data procession, breached the basic principles of lawfullness, fairness, transparency and purpose limitation and failed to conduct a data protection impact assesement. The total sum of the fine can be reduced by 50% if paid within sixty days.

Legal Citations

Art. 5Art. 6Art. 13Art. 25Art. 35Art. 88

Issues & Violations

Non-compliance with general data processing principles
View Official Document
Back to Fines Database
Previous Fine
Romanian National Supervisory Authority for Person...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.