Company

€18,700

Insufficient involvement of data protection officer

Karar Tarihi

27 Ekim 2021

Otorite

National Commission for Data Protection (CNPD)

LU

Sektör

Industry and Commerce

Ülke

HU

Hukuk

GDPR

Durum

FINAL

Açıklama

The DPA of Luxembourg has imposed a fine of EUR 18,700 on a company. During its investigation, the DPA first found that the controller's public website did not include direct contact details for the DPO. Furthermore, the DPO was not sufficiently involved in all data protection matters. For example, they only participated in internal meetings by invitation. Moreover, there were several hierarchical intermediaries between the DPO and the highest management level of the controller, not granting them sufficient autonomy. Also, in the absence of formalized procedures, the DPO was not able to sufficiently monitor the consistency of data processing practices.

Yasal Atıflar

Art. 37 (7)Art. 38 (1)Art. 39 (1)

Sorunlar & İhlaller

Insufficient involvement of data protection officer
Resmi Belgeyi Görüntüle
Para Cezaları Veritabanına Geri Dön
Önceki İnce
Hungarian National Authority for Data Protection a...
Sonraki İnce
Data Protection Authority of Hamburg (HmbBfDI) - C...

Gizlilik Uygulamasından Haberdar Olun

Gizliliğinize saygı duyuyoruz. Ayda bir e-posta, spam yok, istediğiniz zaman abonelikten çıkın.