Burgo Group S.p.A
€20,000
Non-compliance with general data processing principles
Fecha de la decisión
23 de noviembre de 2020
Autoridad
Italian Data Protection Authority (Garante)
IT
Sector
Employment
País
IT
Ley
GDPREstado
FINALDescripción
The Italian DPA (Garante) imposed a fine of EUR 20,000 on the company for non-compliant practices. Thus, for example, the personnel director forwarded an e-mail conversation between the data subject and a work colleague containing personal data (information relating to physical and mental discomfort in the workplace) to four people in the company.
Citas legales
Art. 5Art. 13
Problemas e infracciones
Non-compliance with general data processing principles