40.000 euro fine for Emag for failure to comply with GDPR requirements

1. The National Supervisory Authority for Personal Data Processing (NSPSPDPA) has received complaints from three individuals in Hungary against Dante International SA, through the cooperation mechanisms of Regulation (EU) 2016/679.

2. The ANSPDCP has been designated as the lead supervisory authority in this case, as Dante International SA has its main office in Romania.

Read More

5 notable examples of fines for non-compliance with Art 32 of GDPR

Article 32 of the General Data Protection Regulation (GDPR) lays down the obligation for controllers to implement technical and organizational measures with regard to the processing of personal data in such a way as to ensure a level of security appropriate to the risks associated with the processing and the nature of the personal data involved. These measures must ensure the confidentiality, integrity and availability of the data, as they would say, the holy trinity in information security or CIA.

Read More