Burgo Group S.p.A

€20,000

Non-compliance with general data processing principles

Decision Date

23 de novembro de 2020

Authority

Italian Data Protection Authority (Garante)

IT

Sector

Employment

Country

IT

Law

GDPR

Status

FINAL

Description

The Italian DPA (Garante) imposed a fine of EUR 20,000 on the company for non-compliant practices. Thus, for example, the personnel director forwarded an e-mail conversation between the data subject and a work colleague containing personal data (information relating to physical and mental discomfort in the workplace) to four people in the company.

Legal Citations

Art. 5Art. 13

Issues & Violations

Non-compliance with general data processing principles
View Official Document
Back to Fines Database
Previous Fine
Romanian National Supervisory Authority for Person...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.