Details:
| Summary | The company has sent advertising e-mails to several recipients where the e-mail addresses of all other recipients were visible to all recipients, because the recipient addresses were inserted as CC and not as BCC. |
| Link: | link |
| Related articles: | Art. 32 GDPR |
| Type: | Insufficient technical and organisational measures to ensure information security |
| Fine: | EUR 5,000 |
| Sector | Industry and Commerce |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/