S CNTAR TAROM SA (Airline)

€20,000

Insufficient technical and organisational measures to ensure information security

Dátum rozhodnutia

4. decembra 2019

Úrad

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

RO

Sektor

Transportation and Energy

Krajina

RO

Právo

GDPR

Stav

FINAL

Popis

The Romanian data protection authority imposed a sanction on an airline because it has not taken appropriate measures to ensure that any natural person acting under its supervision processes personal data in accordance with its instructions (Article 32(4) of the GDPR). This resulted in an employee having unauthorized access to the booking application and being able to photograph a list with the personal data of 22 passengers/customers to disclose this list on the Internet.

Právne citácie

Art. 32

Problémy a porušenia

Insufficient technical and organisational measures to ensure information security
Zobraziť oficiálny dokument
Späť na databázu pokút
Predchádzajúca pokuta
Spanish Data Protection Authority (aepd) - Linea D...
Ďalšia pokuta
Data Protection Authority of Hamburg (HmbBfDI) - C...

Aktualizujte informácie o presadzovaní ochrany osobných údajov

Rešpektujeme vaše súkromie. Jeden e-mail mesačne, žiadny spam, odhlásiť sa môžete kedykoľvek.