Region of Tuscany

€10,000

Insufficient legal basis for data processing

Päätöspäivä

10. helmikuuta 2022

Viranomainen

Italian Data Protection Authority (Garante)

IT

Ala

Public Sector and Education

Maa

IT

Laki

GDPR

Tila

FINAL

Kuvaus

The Italian DPA has imposed a fine of EUR 10,000 on the Region of Tuscany. The region had notified the DPA of a data breach pursuant to Art. 33 GDPR. The region stated that it had inadvertently published personal data of 3,548 applicants for administrative assistant positions. The data concerned information that the applicants had shared as part of a pre-selection test for the application. The region had mistakenly published a URL through which personal data and the results of the test could be viewed.

Oikeudelliset viittaukset

Art. 5Art. 6Art. 2

Asiat ja rikkomukset

Insufficient legal basis for data processing
Näytä virallinen asiakirja
Takaisin sakkotietokantaan
Edellinen Fine
Italian Data Protection Authority (Garante) - Azie...
Seuraava hieno
Data Protection Authority of Hamburg (HmbBfDI) - C...

Pysy ajan tasalla yksityisyyden suojan valvonnasta

Kunnioitamme yksityisyyttäsi. Yksi sähköpostiviesti kuukaudessa, ei roskapostia, peruuta tilaus milloin tahansa.