Digi Távközlési Szolgáltató Kft. ('Digi') (electronic communication service provider)

€288,000

Insufficient technical and organisational measures to ensure information security

Beslissingsdatum

12 juni 2020

Autoriteit

Hungarian National Authority for Data Protection and the Freedom of Information (NAIH)

HU

Sector

Media, Telecoms and Broadcasting

Land

HU

Wet

GDPR

Status

FINAL

Beschrijving

The company had infringed the principles of purpose limitation and storage restriction because its database contained a large amount of customer data which were no longer relevant for the actual purpose of collection and for which no retention period had been set. Furthermore, the NAIH pointed out that the defendant had not taken proportionate measures to reduce the risks in the area of data management and data security, arguing, inter alia, that it had not used encryption mechanisms.

Juridische citaten

Art. 5 (1)Art. 32 (1)

Problemen en overtredingen

Insufficient technical and organisational measures to ensure information security
Officieel document bekijken
Terug naar de database met boetes
Vorige boete
Czech Data Protection Auhtority (UOOU) - Legal Per...
Volgende boete
Data Protection Authority of Hamburg (HmbBfDI) - C...

Blijf op de hoogte van privacybescherming

We respecteren je privacy. Eén e-mail per maand, geen spam, afmelden kan altijd.