Region of Tuscany

€10,000

Insufficient legal basis for data processing

Fecha de la decisión

10 de febrero de 2022

Autoridad

Italian Data Protection Authority (Garante)

IT

Sector

Public Sector and Education

País

IT

Ley

GDPR

Estado

FINAL

Descripción

The Italian DPA has imposed a fine of EUR 10,000 on the Region of Tuscany. The region had notified the DPA of a data breach pursuant to Art. 33 GDPR. The region stated that it had inadvertently published personal data of 3,548 applicants for administrative assistant positions. The data concerned information that the applicants had shared as part of a pre-selection test for the application. The region had mistakenly published a URL through which personal data and the results of the test could be viewed.

Citas legales

Art. 5Art. 6Art. 2

Problemas e infracciones

Insufficient legal basis for data processing
Ver documento oficial
Volver a la base de datos de multas
Multa anterior
Italian Data Protection Authority (Garante) - Azie...
Siguiente multa
Data Protection Authority of Hamburg (HmbBfDI) - C...

Manténgase al día sobre la aplicación de las normas de protección de la intimidad

Respetamos su intimidad. Un correo electrónico al mes, sin spam, darse de baja en cualquier momento.