Cribis Credit Management s.r.l.
€10,000
Insufficient legal basis for data processing
Дата прийняття рішення
9 червня 2022 р.
Влада
Italian Data Protection Authority (Garante)
IT
Сектор
Finance, Insurance and Consulting
Країна
IT
Право
GDPRСтатус
FINALОпис
The Italian DPA has fined Cribis Credit Management s.r.l. EUR 10,000. The company had inadvertently sent an e-mail about late payments on a subscription to the head of the data subject. This allowed the head to gain access to their employee's personal data such as name, surname and payment status information.
Юридичні посилання
Art. 5 (1)Art. 6
Проблеми та порушення
Insufficient legal basis for data processing