Housing Association

€321

Insufficient fulfilment of data breach notification obligations

Decision Date

February 7, 2023

Authority

Polish National Personal Data Protection Office (UODO)

PL

Sector

Real Estate

Country

EE

Law

GDPR

Status

FINAL

Description

The Polish DPA has imposed a fine of EUR 321 on a housing association. The controller had suffered a data breach involving the theft of documents, including a copy of a notarial deed. During its investigation, the DPA found that the controller had both failed to report the data breach to the DPA in a timely manner and to notify the data subjects affected by the incident. Further, the DPA found that the controller had not adequately checked if the processor provided sufficient guarantees to implement appropriate technical and organisational measures to ensure data protection.

Legal Citations

Art. 5 (1)Art. 28 (1)Art. 33 (1)Art. 34 (1)

Issues & Violations

Insufficient fulfilment of data breach notification obligations
View Official Document
Back to Fines Database
Previous Fine
Hungarian National Authority for Data Protection a...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.