Vodafone GmbH

€45,000,000

Non-compliance with general data processing principles

Fecha de la decisión

1 de enero de 2025

Autoridad

The Federal Commissioner for Data Protection and Freedom of Information (BfDI)

DE

Sector

Media, Telecoms and Broadcasting

País

DE

Ley

GDPR

Estado

FINAL

Descripción

The Federal Commissioner for Data Protection and Freedom of Information (BfDI) has imposed a fine of EUR 45,000,000 on Vodafone GmbH. The controller failed to properly supervise a third agency, which the controller used as a data processor. This resulted in employees of the third agency defrauding the controller's customers. The controller also failed to implement sufficient technical and organizational measures during an authentication process, which created the risk of third parties gaining access to customers' personal data. The BfDI emphasized the good cooperation with the controller throughout the process.

Citas legales

Art. 28 (1)

Problemas e infracciones

Non-compliance with general data processing principles
Ver documento oficial
Volver a la base de datos de multas
Multa anterior
Polish National Personal Data Protection Office (U...
Siguiente multa
Data Protection Authority of Hamburg (HmbBfDI) - C...

Manténgase al día sobre la aplicación de las normas de protección de la intimidad

Respetamos su intimidad. Un correo electrónico al mes, sin spam, darse de baja en cualquier momento.