Digi Távközlési Szolgáltató Kft. ('Digi') (electronic communication service provider)

€288,000

Insufficient technical and organisational measures to ensure information security

Sprendimo priėmimo data

2020 m. birželio 12 d.

Institucija

Hungarian National Authority for Data Protection and the Freedom of Information (NAIH)

HU

Sektorius

Media, Telecoms and Broadcasting

Šalis

HU

Teisė

GDPR

Statusas

FINAL

Aprašymas

The company had infringed the principles of purpose limitation and storage restriction because its database contained a large amount of customer data which were no longer relevant for the actual purpose of collection and for which no retention period had been set. Furthermore, the NAIH pointed out that the defendant had not taken proportionate measures to reduce the risks in the area of data management and data security, arguing, inter alia, that it had not used encryption mechanisms.

Teisinės citatos

Art. 5 (1)Art. 32 (1)

Problemos ir pažeidimai

Insufficient technical and organisational measures to ensure information security
Peržiūrėti oficialų dokumentą
Grįžti į baudų duomenų bazę
Ankstesnis Bauda
Czech Data Protection Auhtority (UOOU) - Legal Per...
Kitas Bauda
Data Protection Authority of Hamburg (HmbBfDI) - C...

Gaukite naujausią informaciją apie privatumo vykdymo užtikrinimą

Gerbiame jūsų privatumą. Vienas el. laiškas per mėnesį, jokių šlamšto, atsisakykite prenumeratos bet kada.