IDFINANCE Spain, S.L.
€3,000
Insufficient technical and organisational measures to ensure information security
決定日期
2021年2月1日
權限
Spanish Data Protection Authority (aepd)
ES
部門
Finance, Insurance and Consulting
國家
ES
法律
GDPR狀態
FINAL說明
The Spanish DPA (AEPD) imposed a fine of EUR 5,000 on IDFINANCE Spain S.L.. A person had received a debt collection email from IDFinance that contained a link for the payment of an invoice directly through the controller's website. Via the link, the person was able to view the personal data of another customer. The original fine of EUR 5,000 was reduced to EUR 3,000 due to immediate payment and admission of responsibility.
法律引文
Art. 5 (1)
問題與違規
Insufficient technical and organisational measures to ensure information security