Details:
| Summary | The Italian DPA has fined Servizio Idrico Integrato S.c.p.a. EUR 15,000. The controller had operated a website where personal data was being processed without using an SSL form. The DPA found that the use of an SSL form would have been necessary for the security of the data. It therefore concluded that the controller had failed to implement appropriate technical and organizational measures to protect personal data. |
| Link: | link |
| Related articles: | Art. 5 (1) f) GDPR, Art. 32 GDPR |
| Type: | Insufficient technical and organisational measures to ensure information security |
| Fine: | EUR 15,000 |
| Sector | Transportation and Energy |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/