Telecommunications company

€20,000

Insufficient legal basis for data processing

Ngày ra quyết định

Không có sẵn

Thẩm quyền

Croatian Data Protection Authority (azop)

HR

Ngành

Media, Telecoms and Broadcasting

Quốc gia

HR

Luật

GDPR

Trạng thái

FINAL

Mô tả

The Croatian DPA (azop) has imposed a fine of EUR 20,000 on a telecommunications company. A data subject had filed a complaint with the DPA claiming that the company was still processing their personal data even though they had not been a customer of the company for more than ten years. During its investigation, the DPA found that the company had still been storing the data due to an alleged debt. The debt was no longer outstanding, however, the company had failed to delete the data of the data subject due to a lack of measures to regularly verify that the stored data was up to date and accurate. The DPA concluded that the company had unlawfully processed the data and violated Art. 6 (1) GDPR in relation to Art. 5 (1) d) GDPR.

Trích dẫn pháp lý

Art. 6 (1)Art. 5 (1)

Vấn đề & Vi phạm

Insufficient legal basis for data processing
Xem tài liệu chính thức
Trở lại Cơ sở dữ liệu Phạt

Cập nhật thông tin về việc thực thi quy định bảo vệ dữ liệu cá nhân

Chúng tôi tôn trọng quyền riêng tư của bạn. Chỉ một email mỗi tháng, không spam, có thể hủy đăng ký bất cứ lúc nào.