Spartoo

€250,000

Non-compliance with general data processing principles

Határozat dátuma

2020. augusztus 5.

Hatóság

French Data Protection Authority (CNIL)

FR

Szektor

Industry and Commerce

Ország

FR

Törvény

GDPR

Állapot

FINAL

Leírás

A fine of EUR 250000 was imposed on the online retailer Spartoo. The reason for this was that the company, which has its headquarters in France but supplies a large number of European countries, fully recorded all telephone hotline conversations (including personal data such as address and bank details of orders) and in addition stored bank details partially unencrypted. Among other things, this represents a violation of the principle of data minimization. Furthermore, the supervisory authority also found a violation of the information obligations according to Art. 13 GDPR, as the company's data protection information was partially incorrect.

Jogi hivatkozások

Art. 5 (1)Art. 13Art. 14

Kérdések és jogsértések

Non-compliance with general data processing principles
Hivatalos dokumentum megtekintése
Vissza a bírságok adatbázisába
Előző Fine
Italian Data Protection Authority (Garante) - Supe...
Következő Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Maradjon naprakész az adatvédelem érvényesítésével kapcsolatban

Tiszteletben tartjuk a magánéletét. Havonta egy e-mail, nincs spam, bármikor leiratkozhat.