Norway
Telenor ASA.
338,000 €
GDPR enforcement action by Norwegian Supervisory Authority (Datatilsynet) on 2025-03-10.
Rank · Sector
#69
of 366 in Media, Telecoms and Broadcasting
Rank · Norway
#6
of 52
Rank · All fines
#284
of 3,042
Case details
- Authority
- Norwegian Supervisory Authority (Datatilsynet)
- Date
- 2025-03-10
- Controller / Processor
- Telenor ASA.
- Sector
- Media, Telecoms and Broadcasting
- Quoted Articles
- Art. 24 (1), (2) GDPR, Art. 37 (7) GDPR, Art. 38 (2), (3) GDPR
- Type of violation
- Non-compliance with general data processing principles
Summary
The Norwegian DPA has imposed a fine of EUR 333,800 on Telenor ASA. During its investigation, the DPA found that the company had not conducted sufficient assessments and documentation regarding the role of the Data Protection Officer (DPO). Additionally, no direct and documented reporting line from the DPO to the highest management level had been established. The company also lacked adequate internal controls. The DPA further criticized the absence of appropriate organizational measures and guidelines for the DPO's role.
Open original source
Links to the regulator's original publication or another source.
Related fines
Norway
2021-12-13
6,300,000 €
ETid-950
Grindr LLC
Media, Telecoms and Broadcasting
Norway
2023-11-27
1,700,000 €
ETid-2136
Norwegian Labor and Welfare Administration
Public Sector and Education
Norway
2023-02-06
900,000 €
ETid-1656
Sats ASA
Industry and Commerce
Norway
2021-09-27
496,000 €
ETid-851
Ferde AS
Public Sector and Education
Norway
2021-10-18
412,000 €
ETid-878
Østre Toten municipality
Public Sector and Education
Norway
2020-09-03
276,000 €
ETid-292
Bergen Municipality
Public Sector and Education