Tele2 Sverige Aktiebolag

€1,000,000

Insufficient technical and organisational measures to ensure information security

Datum för beslut

30 juni 2023

Myndighet

Data Protection Authority of Sweden

SE

Sektor

Media, Telecoms and Broadcasting

Land

SE

Lag

GDPR

Status

FINAL

Beskrivning

The Swedish DPA has imposed a fine of EUR 1 million on Tele2 Sverige Aktiebolag. The Austrian organization None of your Business (NOYB) had filed a complaint against the company in light of the Schrems II judgment, stating that the company was unlawfully transferring personal data to the US. The company had used Google Analytics for visitor statistics and based the data processing by the statistics tool on the EU standard contractual clauses, as no adequacy decision had been issued by the EU Commission for the USA. In the course of its investigation, the DPA determined that the use of the standard contractual clauses was not sufficient to guarantee a level of protection equivalent to that of the EU.

Rättsliga hänvisningar

Art. 44

Frågor och överträdelser

Insufficient technical and organisational measures to ensure information security
Visa officiellt dokument
Tillbaka till databasen för böter
Föregående Fine
Spanish Data Protection Authority (aepd) - Private...
Nästa Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Håll dig uppdaterad om efterlevnaden av sekretessreglerna

Vi respekterar din integritet. Ett e-postmeddelande per månad, ingen skräppost, avsluta prenumerationen när som helst.