Company

€18,700

Insufficient involvement of data protection officer

Data da decisão

27 de outubro de 2021

Autoridade

National Commission for Data Protection (CNPD)

LU

Setor

Industry and Commerce

País

HU

Lei

GDPR

Status

FINAL

Descrição

The DPA of Luxembourg has imposed a fine of EUR 18,700 on a company. During its investigation, the DPA first found that the controller's public website did not include direct contact details for the DPO. Furthermore, the DPO was not sufficiently involved in all data protection matters. For example, they only participated in internal meetings by invitation. Moreover, there were several hierarchical intermediaries between the DPO and the highest management level of the controller, not granting them sufficient autonomy. Also, in the absence of formalized procedures, the DPO was not able to sufficiently monitor the consistency of data processing practices.

Citações legais

Art. 37 (7)Art. 38 (1)Art. 39 (1)

Problemas e violações

Insufficient involvement of data protection officer
Ver documento oficial
Voltar ao banco de dados de multas
Multa anterior
Hungarian National Authority for Data Protection a...
Próxima multa
Data Protection Authority of Hamburg (HmbBfDI) - C...

Mantenha-se atualizado sobre a aplicação da privacidade

Respeitamos sua privacidade. Um e-mail por mês, sem spam, cancele sua inscrição a qualquer momento.