Azienda regionale per lo sviluppo e per i servizi in agricoltura (ARSAC)
€50,000
Non-compliance with general data processing principles
Lēmuma datums
2025. gada 13. marts
Iestāde
Italian Data Protection Authority (Garante)
IT
Nozare
Public Sector and Education
Valsts
IT
Likums
GDPRStatuss
FINALApraksts
The Italian DPA imposed a fine of EUR 50,000 on the Regional agency for development and services in agriculture (ARSAC). The controller processed geographic data of its employees without sufficient legal basis. The controller also failed to provide sufficient informations in its internal documents regarding the data procession, breached the basic principles of lawfullness, fairness, transparency and purpose limitation and failed to conduct a data protection impact assesement. The total sum of the fine can be reduced by 50% if paid within sixty days.
Juridiskās atsauces
Art. 5Art. 6Art. 13Art. 25Art. 35Art. 88
Jautājumi un pārkāpumi
Non-compliance with general data processing principles