Iceland
Breiðholt Upper Secondary School
9,000 €
GDPR enforcement action by Icelandic data protection authority ('Persónuvernd') on 2020-03-10.
Rank · Sector
#193
of 357 in Public Sector and Education
Rank · Iceland
#21
of 22
Rank · All fines
#1,471
of 3,050
Case details
- Authority
- Icelandic data protection authority ('Persónuvernd')
- Date
- 2020-03-10
- Controller / Processor
- Breiðholt Upper Secondary School
- Sector
- Public Sector and Education
- Quoted Articles
- Art. 5 (1) f) GDPR, Art. 32 GDPR
- Type of violation
- Insufficient technical and organisational measures to ensure information security
Summary
In violation of Art. 32 GDPR, a teacher had sent an e-mail to his students and their parents with an attachment containing data on their well-being, academic performance and social conditions.
Open original source
Links to the regulator's original publication or another source.
Related fines
Iceland
2023-06-27
257,000 €
ETid-1952
Creditinfo Lánstraust hf.
Finance, Insurance and Consulting
Iceland
2023-07-03
81,000 €
ETid-1940
Heilsuveru
Health Care
Iceland
2021-11-23
51,000 €
ETid-916
Icelandic Ministry of Industry and Innovation
Public Sector and Education
Iceland
2023-06-27
51,000 €
ETid-1948
eCommerce 2020 ApS
Finance, Insurance and Consulting
Iceland
2022-05-03
36,000 €
ETid-1154
City of Reykjavík
Public Sector and Education
Iceland
2025-02-17
34,300 €
ETid-2602
Primary Health Care in the Capital Area
Health Care