Details:
| Summary | The Italian DPA has fined Cribis Credit Management s.r.l. EUR 10,000. The company had inadvertently sent an e-mail about late payments on a subscription to the head of the data subject. This allowed the head to gain access to their employee’s personal data such as name, surname and payment status information. |
| Link: | link |
| Related articles: | Art. 5 (1) a), c) GDPR, Art. 6 GDPR |
| Type: | Insufficient legal basis for data processing |
| Fine: | EUR 10,000 |
| Sector | Finance, Insurance and Consulting |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/