Hora Credit IFN SA – 14,000 euros fine
The company Hora Credit IFN SA was accused by the Romanian data protection authority of sending personal data to the wrong recipient. The company had violated the principles of the GDPR (according to Art. 5 GDPR) when processing personal data and had not taken appropriate technical and organizational measures (TOM) to prevent unauthorized disclosure of data. Moreover, the notification of the data breach was not made within 72 hours, as required by Article 33. Furthermore, the company has violated Art. 9 as well as Art. 6 para. 1 of the DSGVO.
The authority imposed three fines of the equivalent of approximately 3,000 euros, 10,000 euros and 1,000 euros, for a total of approximately 14,000 euros.
Entscheidungsdatum:
10.12.2019
Land:
Romania
Art des Verstoßes:
violated rights of the data subject
Betroffene Datensätze:
unknown
Waren sensible Daten betroffen?:
No
verhängte Geldstrafe:
€ 14,000,-