Digi Távközlési Szolgáltató Kft. ('Digi') (electronic communication service provider)

€288,000

Insufficient technical and organisational measures to ensure information security

Data deciziei

12 iunie 2020

Autoritatea

Hungarian National Authority for Data Protection and the Freedom of Information (NAIH)

HU

Sector

Media, Telecoms and Broadcasting

Țara

HU

Legea

GDPR

Statut

FINAL

Descriere

The company had infringed the principles of purpose limitation and storage restriction because its database contained a large amount of customer data which were no longer relevant for the actual purpose of collection and for which no retention period had been set. Furthermore, the NAIH pointed out that the defendant had not taken proportionate measures to reduce the risks in the area of data management and data security, arguing, inter alia, that it had not used encryption mechanisms.

Citări juridice

Art. 5 (1)Art. 32 (1)

Probleme și încălcări

Insufficient technical and organisational measures to ensure information security
Vezi documentul oficial
Înapoi la baza de date a amenzilor
Amenda anterioară
Czech Data Protection Auhtority (UOOU) - Legal Per...
Următoarea amendă
Data Protection Authority of Hamburg (HmbBfDI) - C...

Rămâneți la curent cu aplicarea normelor de confidențialitate

Îți respectăm confidențialitatea. Un e-mail pe lună, fără spam, dezabonare oricând.