Vodafone GmbH

€45,000,000

Non-compliance with general data processing principles

Otsuse kuupäev

1. jaanuar 2025

Ametiasutus

The Federal Commissioner for Data Protection and Freedom of Information (BfDI)

DE

Sektor

Media, Telecoms and Broadcasting

Riik

DE

Seadus

GDPR

Staatus

FINAL

Kirjeldus

The Federal Commissioner for Data Protection and Freedom of Information (BfDI) has imposed a fine of EUR 45,000,000 on Vodafone GmbH. The controller failed to properly supervise a third agency, which the controller used as a data processor. This resulted in employees of the third agency defrauding the controller's customers. The controller also failed to implement sufficient technical and organizational measures during an authentication process, which created the risk of third parties gaining access to customers' personal data. The BfDI emphasized the good cooperation with the controller throughout the process.

Õiguslikud viited

Art. 28 (1)

Probleemid ja rikkumised

Non-compliance with general data processing principles
Vaata ametlikku dokumenti
Tagasi trahvide andmebaasi juurde
Eelmine trahv
Polish National Personal Data Protection Office (U...
Järgmine trahv
Data Protection Authority of Hamburg (HmbBfDI) - C...

Privaatsuse jõustamise kohta ajakohastatud teave

Me austame teie privaatsust. Üks e-kiri kuus, ei ole rämpsposti, loobuda tellimusest igal ajal.