Roma Capitale (Rome Municipality)

€500,000

Non-compliance with general data processing principles

Date de décision

17 décembre 2020

Autorité

Italian Data Protection Authority (Garante)

IT

Secteur

Public Sector and Education

Pays

IT

Droit

GDPR

Statut

FINAL

Description

The Italian DPA (Garante) fined the municipality of Rome EUR 500,000 for the unlawful processing of users' and employees' personal data. The municipality of Rome had been using the 'TuPassi' booking system to manage appointments and other services since 2015. In the course of a detailed investigation, the Italian DPA found that the controller had violated several data protection regulations with regard to the processing of personal data of customers and employees with whom they had made appointments. For example, the municipality had not properly informed the data subjects prior to processing their data, nor had it taken appropriate technical and organizational measures to protect the processing.

Citations légales

Art. 5 (1)Art. 13Art. 14Art. 28 (2)Art. 32

Questions et violations

Non-compliance with general data processing principles
Voir le document officiel
Retour à la base de données des amendes
Précédent Amende
Polish National Personal Data Protection Office (U...
Prochaine amende
Data Protection Authority of Hamburg (HmbBfDI) - C...

Restez informé sur l'application de la législation en matière de protection de la vie privée

Nous respectons votre vie privée. Un courriel par mois, pas de spam, désabonnement à tout moment.