Cyfrowy Polsat S.A.

€245,000

Insufficient technical and organisational measures to ensure information security

Decision Date

22 de abril de 2021

Authority

Polish Data Protection Authority (UODO)

PL

Sector

Media, Telecoms and Broadcasting

Country

PL

Law

GDPR

Status

FINAL

Description

The Polish DPA (UODO) has fined Cyfrowy Polsat S.A. EUR 245,000. The fine was based on a large number of data breaches reported by the controller to the DPA. Frequently, postal correspondence containing personal data was lost or delivered to the wrong recipient. The DPA notes that although the data breaches were caused by the courier company contracted by the controller, the controller had to ensure that such breaches did not occur. The controller failed to implement technical and organizational measures appropriate to the risk to protect the processing of the data. Furthermore, the controller did not notify the data subjects about the data breaches until two to three months later.

Legal Citations

Art. 24 (1)Art. 32 (1)Art. 34 (1)

Issues & Violations

Insufficient technical and organisational measures to ensure information security
View Official Document
Back to Fines Database
Previous Fine
Spanish Data Protection Authority (aepd) - HazteOi...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.