Enea S.A.

€30,000

Insufficient fulfilment of data breach notification obligations

Lēmuma datums

2021. gada 11. janvāris

Iestāde

Polish National Personal Data Protection Office (UODO)

PL

Nozare

Transportation and Energy

Valsts

PL

Likums

GDPR

Statuss

FINAL

Apraksts

The Polish DPA (UODO) fined Enea S.A. EUR 30,000 for the controller's failure to report a personal data breach, in violation of Art. 33 (1) GDPR. The DPA received information about a personal data breach from a person who had become an unauthorized recipient of personal data. The breach consisted of sending an email with an unencrypted, non-password protected attachment that contained personal data of several hundred individuals. The sender of the email was an employee of the sanctioned controller.

Juridiskās atsauces

Art. 33 (1)

Jautājumi un pārkāpumi

Insufficient fulfilment of data breach notification obligations
Skatīt oficiālo dokumentu
Atgriezties pie Naudas sodu datubāzes
Iepriekšējais naudas sods
Data Protection Authority of Niedersachsen - noteb...
Nākamais naudas sods
Data Protection Authority of Hamburg (HmbBfDI) - C...

Atjauniniet informāciju par konfidencialitātes ieviešanu

Mēs respektējam jūsu konfidencialitāti. Viens e-pasts mēnesī, bez surogātpasta, jebkurā laikā varat atteikties no abonēšanas.