Unknown

€15,400

Insufficient involvement of data protection officer

Datum odločitve

27. oktober 2021

Organ

National Commission for Data Protection (CNPD)

LU

Sektor

Not assigned

Država

CZ

Zakon

GDPR

Status

FINAL

Opis

The Luxembourg DPA has imposed a fine of EUR 15,400 on a company. According to the DPA, the controller failed to involve the data protection officer in all matters related to the protection of personal data. In addition, contrary to the requirements of the GDPR, the data protection officer did not report directly to the highest management level; instead, there were two levels of hierarchy in between. Also, the controller did not have a data protection control plan in place to demonstrate that the data protection officer was performing their duties appropriately.

Pravne navedbe

Art. 38 (1)Art. 39 (1)

Vprašanja in kršitve

Insufficient involvement of data protection officer
Oglejte si uradni dokument
Nazaj v zbirko podatkov o globah
Prejšnja globa
Bulgarian Commission for Personal Data Protection ...
Naslednja Drobna
Data Protection Authority of Hamburg (HmbBfDI) - C...

Spremljajte novice o uveljavljanju zasebnosti

Spoštujemo vašo zasebnost. Eno e-poštno sporočilo na mesec, brez neželene pošte, odjava kadar koli.