The Finnish supervisory authority (the “Ombudsman”) reminds controllers that IT system log data containing information related to the protection of personal data must be stored under the principle of accountability
The Spanish supervisory authority (Agencia Española de Protección de Datos – AEPD) has fined DATA 1000 FINCAS S.L., a property administration company, €2,000 for breach of Article 5(1) of the GDPR
The Personal Data Protection Office imposed a fine of over PLN 363,000 on Bank Millenium S.A. for failing to report a data protection breach and for failing to fully inform affected persons of the incident
The Cyprus supervisory authority has fined WS WiSpear Systems Ltd €925,000 for breaching the principles of lawfulness, fairness and transparency by collecting network card addresses (MAC addresses) and SIM card identifiers (IMSI) without users’ knowledge
The Privacy Protection Authority (PPA) in Israel has launched an investigation into a security incident suffered by CyberServe
The Dutch data protection authority (AP) has sent a letter to the GGD GHOR Nederland, the central office of public clinics, ordering additional measures to better protect personal data in the context of the processing of personal data in relation to the COVID-19 pandemic