Bank of Cyprus Public Company Ltd

€15,000

Insufficient technical and organisational measures to ensure information security

Sprendimo priėmimo data

2020 m. spalio 19 d.

Institucija

Cypriot Data Protection Commissioner

CY

Sektorius

Finance, Insurance and Consulting

Šalis

CY

Teisė

GDPR

Statusas

FINAL

Aprašymas

The data subject made a claim for access to information according to Art. 15 GDPR, which could not be answered, since the insurance contract of the data subject could not be found and has been lost. This constituted a violation of the rights of the data subject under Art. 15 GDPR as well as a violation of the obligations to protect personal data according to Art. 5 (1) f) GDPR and Art. 32 GDPR. In addition, the Data Breach Notification Obligations pursuant to Art. 33 f. GDPR have also been violated, as the data subject was not informed about the security incident in due time.

Teisinės citatos

Art. 5 (1)Art. 5 (2)Art. 15Art. 32Art. 33

Problemos ir pažeidimai

Insufficient technical and organisational measures to ensure information security
Peržiūrėti oficialų dokumentą
Grįžti į baudų duomenų bazę
Ankstesnis Bauda
Cypriot Data Protection Commissioner - Grant Ideas...
Kitas Bauda
Data Protection Authority of Hamburg (HmbBfDI) - C...

Gaukite naujausią informaciją apie privatumo vykdymo užtikrinimą

Gerbiame jūsų privatumą. Vienas el. laiškas per mėnesį, jokių šlamšto, atsisakykite prenumeratos bet kada.