Głównego Geodetę Kraju

€12,450

Insufficient fulfilment of data breach notification obligations

Otsuse kuupäev

6. juuli 2022

Ametiasutus

Polish National Personal Data Protection Office (UODO)

PL

Sektor

Public Sector and Education

Riik

PL

Seadus

GDPR

Staatus

FINAL

Kirjeldus

The Polish DPA has imposed a fine of EUR 12,450 on the public cartography institute Głównego Geodetę Kraju. The institute had suffered a data breach in which numerous land register numbers were visible on the institute's website for more than 48 hours. The land register number allows a number of owners' data to be determined, including their first and last names, the names of their parents and the address of the property. The institute had failed to report the breach to the DPA, with the result that it learned of the incident through media reports. The institute also failed to inform the data subjects of the incident. For this reason, the DPA found that the controller violated Article 33 (1) GDPR and Article 34 (1) GDPR.

Õiguslikud viited

Art. 33 (1)Art. 34 (1)

Probleemid ja rikkumised

Insufficient fulfilment of data breach notification obligations
Vaata ametlikku dokumenti
Tagasi trahvide andmebaasi juurde
Eelmine trahv
Spanish Data Protection Authority (aepd) - ASOCIAC...
Järgmine trahv
Data Protection Authority of Hamburg (HmbBfDI) - C...

Privaatsuse jõustamise kohta ajakohastatud teave

Me austame teie privaatsust. Üks e-kiri kuus, ei ole rämpsposti, loobuda tellimusest igal ajal.