Vodafone GmbH

€45,000,000

Non-compliance with general data processing principles

Päätöspäivä

1. tammikuuta 2025

Viranomainen

The Federal Commissioner for Data Protection and Freedom of Information (BfDI)

DE

Ala

Media, Telecoms and Broadcasting

Maa

DE

Laki

GDPR

Tila

FINAL

Kuvaus

The Federal Commissioner for Data Protection and Freedom of Information (BfDI) has imposed a fine of EUR 45,000,000 on Vodafone GmbH. The controller failed to properly supervise a third agency, which the controller used as a data processor. This resulted in employees of the third agency defrauding the controller's customers. The controller also failed to implement sufficient technical and organizational measures during an authentication process, which created the risk of third parties gaining access to customers' personal data. The BfDI emphasized the good cooperation with the controller throughout the process.

Oikeudelliset viittaukset

Art. 28 (1)

Asiat ja rikkomukset

Non-compliance with general data processing principles
Näytä virallinen asiakirja
Takaisin sakkotietokantaan
Edellinen Fine
Polish National Personal Data Protection Office (U...
Seuraava hieno
Data Protection Authority of Hamburg (HmbBfDI) - C...

Pysy ajan tasalla yksityisyyden suojan valvonnasta

Kunnioitamme yksityisyyttäsi. Yksi sähköpostiviesti kuukaudessa, ei roskapostia, peruuta tilaus milloin tahansa.