UST GLOBAL ESPAÑA, S.A.

€3,000

Non-compliance with general data processing principles

Dato for beslutning

27. juli 2021

Myndighet

Spanish Data Protection Authority (aepd)

ES

Sektor

Employment

Land

ES

Lov og rett

GDPR

Status

FINAL

Beskrivelse

The Spanish DPA (AEPD) has imposed a fine of EUR 3,000 on UST GLOBAL ESPAÑA, S.A.. An employee filed a complaint against the controller with the DPA. UST GLOBAL ESPAÑA, S.A. was acting as a service provider for OpenBank as part of a project. On 08.01.2020, the controller informed OpenBank by email that two new employees (one of them the complainant) would join the project, for which it requested access to the VPN and other applications. This email, which was sent with a copy to both employees, included their first and last names, professional email addresses, and ID card numbers. This way, both gained mutual unauthorized access to their colleague's data. The DPA considered this to be a violation of the principle of integrity and confidentiality.

Juridiske henvisninger

Art. 5 (1)

Problemer og overtredelser

Non-compliance with general data processing principles
Se offisielt dokument
Tilbake til bøtedatabasen
Tidligere Fine
Spanish Data Protection Authority (aepd) - APARTAM...
Neste bot
Data Protection Authority of Hamburg (HmbBfDI) - C...

Hold deg oppdatert om håndheving av personvern

Vi respekterer personvernet ditt. Én e-post per måned, ingen spam, avmelding når som helst.