Roma Capitale (Rome Municipality)

€500,000

Non-compliance with general data processing principles

Fecha de la decisión

17 de diciembre de 2020

Autoridad

Italian Data Protection Authority (Garante)

IT

Sector

Public Sector and Education

País

IT

Ley

GDPR

Estado

FINAL

Descripción

The Italian DPA (Garante) fined the municipality of Rome EUR 500,000 for the unlawful processing of users' and employees' personal data. The municipality of Rome had been using the 'TuPassi' booking system to manage appointments and other services since 2015. In the course of a detailed investigation, the Italian DPA found that the controller had violated several data protection regulations with regard to the processing of personal data of customers and employees with whom they had made appointments. For example, the municipality had not properly informed the data subjects prior to processing their data, nor had it taken appropriate technical and organizational measures to protect the processing.

Citas legales

Art. 5 (1)Art. 13Art. 14Art. 28 (2)Art. 32

Problemas e infracciones

Non-compliance with general data processing principles
Ver documento oficial
Volver a la base de datos de multas
Multa anterior
Polish National Personal Data Protection Office (U...
Siguiente multa
Data Protection Authority of Hamburg (HmbBfDI) - C...

Manténgase al día sobre la aplicación de las normas de protección de la intimidad

Respetamos su intimidad. Un correo electrónico al mes, sin spam, darse de baja en cualquier momento.