Spartoo

€250,000

Non-compliance with general data processing principles

Tanggal Keputusan

5 Agustus 2020

Wewenang

French Data Protection Authority (CNIL)

FR

Sektor

Industry and Commerce

Negara

FR

Hukum

GDPR

Status

FINAL

Deskripsi

A fine of EUR 250000 was imposed on the online retailer Spartoo. The reason for this was that the company, which has its headquarters in France but supplies a large number of European countries, fully recorded all telephone hotline conversations (including personal data such as address and bank details of orders) and in addition stored bank details partially unencrypted. Among other things, this represents a violation of the principle of data minimization. Furthermore, the supervisory authority also found a violation of the information obligations according to Art. 13 GDPR, as the company's data protection information was partially incorrect.

Kutipan Hukum

Art. 5 (1)Art. 13Art. 14

Masalah & Pelanggaran

Non-compliance with general data processing principles
Lihat Dokumen Resmi
Kembali ke Basis Data Denda
Sebelumnya Denda
Italian Data Protection Authority (Garante) - Supe...
Berikutnya Baik
Data Protection Authority of Hamburg (HmbBfDI) - C...

Tetap Terupdate tentang Penegakan Privasi

Kami menghormati privasi Anda. Satu email per bulan, tidak ada spam, berhenti berlangganan kapan saja.