Restaurant

Нет в наличии

Insufficient technical and organisational measures to ensure information security

Дата принятия решения

1 января 2021 г.

Авторитет

Data Protection Authority of Saarland

DE

Сектор

Accomodation and Hospitality

Страна

DE

Закон

GDPR

Статус

FINAL

Описание

A restaurant had disposed of 120 completed guest registration forms for contact tracing purposes during the Covid-19 pandemic in a publicly-accessible dumpster. During its investigation, the DPA also found that already during the restaurant's operation, the restaurant had not implemented adequate safeguards to protect the data processed during the guest registration process. For example, the completed guest registration forms were kept in an adjoining room accessible to all employees without special security measures, such as a locked cabinet.

Юридические цитаты

Art. 24Art. 32

Проблемы и нарушения

Insufficient technical and organisational measures to ensure information security
Посмотреть официальный документ
Вернуться к базе данных штрафов
Предыдущий штраф
Data Protection Authority of Schleswig-Holstein - ...
Следующий штраф
Data Protection Authority of Hamburg (HmbBfDI) - C...

Будьте в курсе событий, связанных с соблюдением конфиденциальности

Мы уважаем вашу конфиденциальность. Одно письмо в месяц, без спама, отказ от подписки в любое время.