International Card Services B.V.
€150,000
Insufficient technical and organisational measures to ensure information security
決定日
2024年1月15日
権威
Dutch Supervisory Authority for Data Protection (AP)
NL
セクター
Finance, Insurance and Consulting
国名
NL
法律
GDPRステータス
FINAL説明
The Dutch DPA has imposed a fine of EUR 150,000 on International Card Services B.V. (ICS). ICS failed to carry out a data protection impact assessment before starting the digital identification of customers in the Netherlands in 2019. The identity check covered around 1.5 million people and involved sensitive personal data such as pictures of the data subjects.
法的引用
Art. 35
問題と違反
Insufficient technical and organisational measures to ensure information security