Vodafone GmbH

€45,000,000

Non-compliance with general data processing principles

Datum för beslut

1 januari 2025

Myndighet

The Federal Commissioner for Data Protection and Freedom of Information (BfDI)

DE

Sektor

Media, Telecoms and Broadcasting

Land

DE

Lag

GDPR

Status

FINAL

Beskrivning

The Federal Commissioner for Data Protection and Freedom of Information (BfDI) has imposed a fine of EUR 45,000,000 on Vodafone GmbH. The controller failed to properly supervise a third agency, which the controller used as a data processor. This resulted in employees of the third agency defrauding the controller's customers. The controller also failed to implement sufficient technical and organizational measures during an authentication process, which created the risk of third parties gaining access to customers' personal data. The BfDI emphasized the good cooperation with the controller throughout the process.

Rättsliga hänvisningar

Art. 28 (1)

Frågor och överträdelser

Non-compliance with general data processing principles
Visa officiellt dokument
Tillbaka till databasen för böter
Föregående Fine
Polish National Personal Data Protection Office (U...
Nästa Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Håll dig uppdaterad om efterlevnaden av sekretessreglerna

Vi respekterar din integritet. Ett e-postmeddelande per månad, ingen skräppost, avsluta prenumerationen när som helst.