CENTROS COMERCIALES CARREFOUR, S.A.

€3,200,000

Insufficient technical and organisational measures to ensure information security

Beslissingsdatum

14 maart 2025

Autoriteit

Spanish Data Protection Authority (aepd)

ES

Sector

Industry and Commerce

Land

ES

Wet

GDPR

Status

FINAL

Beschrijving

The Spanish DPA imposed a fine of EUR 3,200,000 on CENTROS COMERCIALES CARREFOUR, S.A. The controller suffered a cyberattack, resulting in the leak of a large amount of personal data. The controller failed to implement sufficient technical and organizational measures to ensure data security. Additionally, the notification of the data subjects in regards to the data breach was insufficient.

Juridische citaten

Art. 5 (1)Art. 32Art. 34

Problemen en overtredingen

Insufficient technical and organisational measures to ensure information security
Officieel document bekijken
Terug naar de database met boetes
Vorige boete
Spanish Data Protection Authority (aepd) - ING BAN...
Volgende boete
Data Protection Authority of Hamburg (HmbBfDI) - C...

Blijf op de hoogte van privacybescherming

We respecteren je privacy. Eén e-mail per maand, geen spam, afmelden kan altijd.