Details:
| Summary | The Lithuanian DPA has fined a company EUR 8, 000. The controller failed ot properly fulfil the data subject’s right to access their personal data processed by the company. The controller partially provided information about the processing of the data subject’s personal data, but the data subject was not given the opportunity to verify the legal basis (or bases) for the processing of their personal data, the specific data being processed, the purposes of processing, the retention period, etc. |
| Link: | link |
| Related articles: | Art. 5 (1) a) GDPR, Art. 15 (1) a), b), c), d), g) GDPR, Art. 15 (3) GDPR |
| Type: | Insufficient fulfilment of data subjects rights |
| Fine: | EUR 8,000 |
| Sector | Health Care |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/