Details:
| Summary | Due to inadequate technical and organizational measures, the company disclosed the order, delivery and personal data of over 1000 customers via its web store. The data was displayed on a document in the web store that could be downloaded without access protection. In addition, the operator had failed to report the security leak to the data protection authority. |
| Link: | link |
| Related articles: | Art. 32 GDPR, Art. 33 GDPR |
| Type: | Insufficient technical and organisational measures to ensure information security |
| Fine: | EUR 5,000 |
| Sector | Industry and Commerce |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/