Slovenia
Legal Entity
5,020 €
GDPR enforcement action by Slovenian Supervisory Authority (Informacijski pooblaščenec) on 2025-07-25.
Rank · Sector
#92
of 218 in Not assigned
Rank · Slovenia
#11
of 17
Rank · All fines
#1,682
of 3,042
Case details
- Authority
- Slovenian Supervisory Authority (Informacijski pooblaščenec)
- Date
- 2025-07-25
- Controller / Processor
- Legal Entity
- Sector
- Not assigned
- Quoted Articles
- Art. 32 GDPR
- Type of violation
- Insufficient technical and organisational measures to ensure information security
Summary
The Slovenian DPA has imposed a fine of EUR 5,020 on a legal entity. The controller had developed an application that allowed the exchange of personal data, but failed to implement technical measures to protect the programming interface when switching from the test environment to the production environment. This resulted in a data breach affecting approximately 100,000 users. The entity was fined EUR 4,820, and the person responsible was fined EUR 200.
Open original source
Links to the regulator's original publication or another source.
Related fines
Slovenia
2025-12-11
75,474 €
ETid-3012
RIEDL PRECISION d.o.o.
Employment
Slovenia
2025-11-21
16,650 €
ETid-3008
Legal Entity
Not assigned
Slovenia
2025-05-14
16,000 €
ETid-3002
Oddaja sob
Accomodation and Hospitality
Slovenia
2026-03-27
13,491 €
ETid-3110
Legal Person
Not assigned
Slovenia
2025-07-29
11,614 €
ETid-3006
Legal Entity
Not assigned
Slovenia
2025-11-26
6,600 €
ETid-3009
Legal Entity
Employment