BAYARD REVISTAS, S.A.

€31,200

Insufficient technical and organisational measures to ensure information security

Fecha de la decisión

28 de septiembre de 2022

Autoridad

Spanish Data Protection Authority (aepd)

ES

Sector

Media, Telecoms and Broadcasting

País

ES

Ley

GDPR

Estado

FINAL

Descripción

The Spanish DPA has imposed a fine on Bayard Revistas S.A.. Unauthorized persons had accessed the Bayard database and thus unauthorizedly siphoned off location and contact data of users of the database. Approximately 470,000 users were affected by the incident. The DPA's investigation determined that a vulnerability in the controller's systems allowed the incident to occur. The original fine of EUR 52,000 was reduced to EUR 31,200 due to voluntary payment and admission of guilt.

Citas legales

Art. 5 (1)Art. 32Art. 33

Problemas e infracciones

Insufficient technical and organisational measures to ensure information security
Ver documento oficial
Volver a la base de datos de multas
Multa anterior
Spanish Data Protection Authority (aepd) - CLUB NA...
Siguiente multa
Data Protection Authority of Hamburg (HmbBfDI) - C...

Manténgase al día sobre la aplicación de las normas de protección de la intimidad

Respetamos su intimidad. Un correo electrónico al mes, sin spam, darse de baja en cualquier momento.