Digi Távközlési Szolgáltató Kft. ('Digi') (electronic communication service provider)

€288,000

Insufficient technical and organisational measures to ensure information security

Data della decisione

12 giugno 2020

Autorità

Hungarian National Authority for Data Protection and the Freedom of Information (NAIH)

HU

Settore

Media, Telecoms and Broadcasting

Paese

HU

Legge

GDPR

Stato

FINAL

Descrizione

The company had infringed the principles of purpose limitation and storage restriction because its database contained a large amount of customer data which were no longer relevant for the actual purpose of collection and for which no retention period had been set. Furthermore, the NAIH pointed out that the defendant had not taken proportionate measures to reduce the risks in the area of data management and data security, arguing, inter alia, that it had not used encryption mechanisms.

Citazioni legali

Art. 5 (1)Art. 32 (1)

Problemi e violazioni

Insufficient technical and organisational measures to ensure information security
Visualizza il documento ufficiale
Torna al database delle multe
Precedente Multa
Czech Data Protection Auhtority (UOOU) - Legal Per...
Prossima ammenda
Data Protection Authority of Hamburg (HmbBfDI) - C...

Rimanete aggiornati sull'applicazione della privacy

Rispettiamo la vostra privacy. Un'email al mese, niente spam, cancellazione in qualsiasi momento.