UST GLOBAL ESPAÑA, S.A.

€3,000

Non-compliance with general data processing principles

Fecha de la decisión

27 de julio de 2021

Autoridad

Spanish Data Protection Authority (aepd)

ES

Sector

Employment

País

ES

Ley

GDPR

Estado

FINAL

Descripción

The Spanish DPA (AEPD) has imposed a fine of EUR 3,000 on UST GLOBAL ESPAÑA, S.A.. An employee filed a complaint against the controller with the DPA. UST GLOBAL ESPAÑA, S.A. was acting as a service provider for OpenBank as part of a project. On 08.01.2020, the controller informed OpenBank by email that two new employees (one of them the complainant) would join the project, for which it requested access to the VPN and other applications. This email, which was sent with a copy to both employees, included their first and last names, professional email addresses, and ID card numbers. This way, both gained mutual unauthorized access to their colleague's data. The DPA considered this to be a violation of the principle of integrity and confidentiality.

Citas legales

Art. 5 (1)

Problemas e infracciones

Non-compliance with general data processing principles
Ver documento oficial
Volver a la base de datos de multas
Multa anterior
Spanish Data Protection Authority (aepd) - APARTAM...
Siguiente multa
Data Protection Authority of Hamburg (HmbBfDI) - C...

Manténgase al día sobre la aplicación de las normas de protección de la intimidad

Respetamos su intimidad. Un correo electrónico al mes, sin spam, darse de baja en cualquier momento.