Viking Line Oy Abp

€230,000

Non-compliance with general data processing principles

决定日期

2022年12月9日

权力

Deputy Data Protection Ombudsman

FI

部门

Accomodation and Hospitality

国家

FI

法律

GDPR

现状

FINAL

说明

The Finnish DPA has imposed a fine of EUR 230,000 on Viking Line Oy Abp. A former employee had filed a complaint with the DPA. During its investigation, the DPA found that the controller had not complied with the data subject's request for access to their health data and that some of the medical data had been stored incorrectly. The DPA also found that the medical data was stored with other personal data, although such storage is unlawful. Furthermore, the DPA found that the controller had not properly informed its employees about the processing of their personal data, contrary to its obligation under Art. 13 GDPR.

法律引文

Art. 5 (1)Art. 12 (3)Art. 13Art. 15 (1)Art. 25 (1)

问题与违规

Non-compliance with general data processing principles
查看正式文件
返回罚款数据库
以前的罚款
Spanish Data Protection Authority (aepd) - Private...
下一个 Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

随时了解隐私执法的最新情况

我们尊重您的隐私。每月一封电子邮件,无垃圾邮件,随时退订。