UST GLOBAL ESPAÑA, S.A.

€3,000

Non-compliance with general data processing principles

Datum för beslut

27 juli 2021

Myndighet

Spanish Data Protection Authority (aepd)

ES

Sektor

Employment

Land

ES

Lag

GDPR

Status

FINAL

Beskrivning

The Spanish DPA (AEPD) has imposed a fine of EUR 3,000 on UST GLOBAL ESPAÑA, S.A.. An employee filed a complaint against the controller with the DPA. UST GLOBAL ESPAÑA, S.A. was acting as a service provider for OpenBank as part of a project. On 08.01.2020, the controller informed OpenBank by email that two new employees (one of them the complainant) would join the project, for which it requested access to the VPN and other applications. This email, which was sent with a copy to both employees, included their first and last names, professional email addresses, and ID card numbers. This way, both gained mutual unauthorized access to their colleague's data. The DPA considered this to be a violation of the principle of integrity and confidentiality.

Rättsliga hänvisningar

Art. 5 (1)

Frågor och överträdelser

Non-compliance with general data processing principles
Visa officiellt dokument
Tillbaka till databasen för böter
Föregående Fine
Spanish Data Protection Authority (aepd) - APARTAM...
Nästa Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Håll dig uppdaterad om efterlevnaden av sekretessreglerna

Vi respekterar din integritet. Ett e-postmeddelande per månad, ingen skräppost, avsluta prenumerationen när som helst.