Details:
| Summary | The Italian DPA has imposed a fine of EUR 1,000 on Sirio S.p.A.. An employee filed a complaint with the DPA because the controller had passed on their personal data to a bank without their consent and without informing them. |
| Link: | link |
| Related articles: | Art. 5 (1) a) GDPR, Art. 6 GDPR, Art. 13 GDPR |
| Type: | Insufficient legal basis for data processing |
| Fine: | EUR 1,000 |
| Sector | Employment |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/