Details:

Summary The Romanian DPA has imposed a fine of EUR 2,000 on IRIDEX GROUP SALUBRIZARE SRL. The controller had sent an e-mail to customers without using the blind copy option, revealing the email addresses of all recipients to the other recipients.
Link: link
Related articles:  Art. 32 (1) b) GDPR, Art. 32 (2), (3), (4) GDPR
Type: Insufficient technical and organisational measures to ensure information security
Fine: EUR 2,000
Sector Not assigned

 

All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/

Tags: case law