Allium UPI

€3,000,000

Insufficient technical and organisational measures to ensure information security

Beslissingsdatum

5 september 2025

Autoriteit

Estonian Data Protection Authority (AKI)

EE

Sector

Industry and Commerce

Land

EE

Wet

GDPR

Status

FINAL

Beschrijving

The Estonian DPA has imposed a fine of EUR 3,000,000 on Allium UPI. The controller failed to implement adequate technical and organisational measures to ensure data security. This resulted in a data breach involving the personal data of 750,000 individuals, including children and other vulnerable groups.

Problemen en overtredingen

Insufficient technical and organisational measures to ensure information security
Officieel document bekijken
Terug naar de database met boetes
Vorige boete
Spanish Data Protection Authority (aepd) - Socieda...
Volgende boete
Data Protection Authority of Hamburg (HmbBfDI) - C...

Blijf op de hoogte van privacybescherming

We respecteren je privacy. Eén e-mail per maand, geen spam, afmelden kan altijd.