Slovenia
Legal Entity
1,300 €
GDPR enforcement action by Slovenian Supervisory Authority (Informacijski pooblaščenec) on 2025-12-04.
Rank · Sector
#164
of 218 in Not assigned
Rank · Slovenia
#15
of 17
Rank · All fines
#2,548
of 3,050
Case details
- Authority
- Slovenian Supervisory Authority (Informacijski pooblaščenec)
- Date
- 2025-12-04
- Controller / Processor
- Legal Entity
- Sector
- Not assigned
- Quoted Articles
- Art. 32 (1) a), b) GDPR
- Type of violation
- Insufficient technical and organisational measures to ensure information security
Summary
The Slovenian DPA has imposed a fine of EUR 1,300 on a legal entity. An employee of the controller stored personal data on her work laptop without securing it, for example by encrypting it, and took the laptop outside of the secured workspace, thereby allowing third parties to gain access to the data. The entity was fined EUR 1,000, and the person responsible was fined EUR 300.
Open original source
Links to the regulator's original publication or another source.
Related fines
Slovenia
2025-12-11
75,474 €
ETid-3012
RIEDL PRECISION d.o.o.
Employment
Slovenia
2025-11-21
16,650 €
ETid-3008
Legal Entity
Not assigned
Slovenia
2025-05-14
16,000 €
ETid-3002
Oddaja sob
Accomodation and Hospitality
Slovenia
2026-03-27
13,491 €
ETid-3110
Legal Person
Not assigned
Slovenia
2025-07-29
11,614 €
ETid-3006
Legal Entity
Not assigned
Slovenia
2025-11-26
6,600 €
ETid-3009
Legal Entity
Employment