Restaurant

Non disponibile

Insufficient technical and organisational measures to ensure information security

Data della decisione

1 gennaio 2021

Autorità

Data Protection Authority of Saarland

DE

Settore

Accomodation and Hospitality

Paese

DE

Legge

GDPR

Stato

FINAL

Descrizione

A restaurant had disposed of 120 completed guest registration forms for contact tracing purposes during the Covid-19 pandemic in a publicly-accessible dumpster. During its investigation, the DPA also found that already during the restaurant's operation, the restaurant had not implemented adequate safeguards to protect the data processed during the guest registration process. For example, the completed guest registration forms were kept in an adjoining room accessible to all employees without special security measures, such as a locked cabinet.

Citazioni legali

Art. 24Art. 32

Problemi e violazioni

Insufficient technical and organisational measures to ensure information security
Visualizza il documento ufficiale
Torna al database delle multe
Precedente Multa
Data Protection Authority of Schleswig-Holstein - ...
Prossima ammenda
Data Protection Authority of Hamburg (HmbBfDI) - C...

Rimanete aggiornati sull'applicazione della privacy

Rispettiamo la vostra privacy. Un'email al mese, niente spam, cancellazione in qualsiasi momento.