Menarini Silicon Biosystems SpA
€21,000
Non-compliance with general data processing principles
Data della decisione
21 maggio 2025
Autorità
Italian Data Protection Authority (Garante)
IT
Settore
Health Care
Paese
IT
Legge
GDPRStato
FINALDescrizione
The Italian DPA has imposed a fine of EUR 21,000 on Menarini Silicon Biosystems SpA. The controller is conducting oncological research and has developed a software that is able to classify human cells. The controller used pseudonymised health data from an American company which is part of the same group. The controller failed to ensure, that data subjects received adequate information and to ensure adequate data storage limitation. The controller also failed to demonstrate compliance with the general data processing principles.
Citazioni legali
Art. 5 (1)Art. 13
Problemi e violazioni
Non-compliance with general data processing principles