Digi Távközlési Szolgáltató Kft. ('Digi') (electronic communication service provider)

€288,000

Insufficient technical and organisational measures to ensure information security

Otsuse kuupäev

12. juuni 2020

Ametiasutus

Hungarian National Authority for Data Protection and the Freedom of Information (NAIH)

HU

Sektor

Media, Telecoms and Broadcasting

Riik

HU

Seadus

GDPR

Staatus

FINAL

Kirjeldus

The company had infringed the principles of purpose limitation and storage restriction because its database contained a large amount of customer data which were no longer relevant for the actual purpose of collection and for which no retention period had been set. Furthermore, the NAIH pointed out that the defendant had not taken proportionate measures to reduce the risks in the area of data management and data security, arguing, inter alia, that it had not used encryption mechanisms.

Õiguslikud viited

Art. 5 (1)Art. 32 (1)

Probleemid ja rikkumised

Insufficient technical and organisational measures to ensure information security
Vaata ametlikku dokumenti
Tagasi trahvide andmebaasi juurde
Eelmine trahv
Czech Data Protection Auhtority (UOOU) - Legal Per...
Järgmine trahv
Data Protection Authority of Hamburg (HmbBfDI) - C...

Privaatsuse jõustamise kohta ajakohastatud teave

Me austame teie privaatsust. Üks e-kiri kuus, ei ole rämpsposti, loobuda tellimusest igal ajal.