Vodafone – PANAFON A.E.E.T.

€550,000

Insufficient technical and organisational measures to ensure information security

Decision Date

25 de junho de 2025

Authority

Hellenic Data Protection Authority (HDPA)

GR

Sector

Media, Telecoms and Broadcasting

Country

GR

Law

GDPR

Status

FINAL

Description

The Greek DPA has imposed a fine of EUR 550,000 on Vodafone – PANAFON A.E.E.T. The controller failed to implement sufficient technical and organisational measures to ensure data security, resulting in a telecommunications shop being able to wrongfully assign multiple SIM cards to an individual. The controller also failed to use a processor that could guarantee the implementation of sufficient technical and organisational measures, and failed to govern the processing with an adequate data processing agreement.

Legal Citations

Art. 5 (1)Art. 28 (1)

Issues & Violations

Insufficient technical and organisational measures to ensure information security
View Official Document
Back to Fines Database
Previous Fine
Information Commissioner (ICO) - Birthlink...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.