Virgin Mobile Polska
443,000 €
GDPR enforcement action by Polish National Personal Data Protection Office (UODO) on 2020-12-14.
Rank · Sector
#68
of 369 in Media, Telecoms and Broadcasting
Rank · Poland
#8
of 112
Rank · All fines
#259
of 3,059
Case details
- Authority
- Polish National Personal Data Protection Office (UODO)
- Date
- 2020-12-14
- Controller / Processor
- Virgin Mobile Polska
- Sector
- Media, Telecoms and Broadcasting
- Quoted Articles
- Art. 5 (1) f), (2) GDPR, Art. 25 (1) GDPR, Art. 32 (1) b), d), (2) GDPR
- Type of violation
- Insufficient technical and organisational measures to ensure information security
Summary
The Polish DPA (UODO) fined Virgin Mobile Polska EUR 443,000 due to a data leak that allowed unauthorized third parties to access personal data stored by Virgin Mobile Polska as a result of inadequate security measures. The DPA notes that the company did not conduct regular and extensive tests on the effectiveness of the measures applied to ensure data security. Indeed, activities in this regard were conducted only in the event of a suspected security leak.
Open original source
Links to the regulator's original publication or another source.
Related fines
Poland
2025-08-26
4,323,250 €
ETid-2840
ING Bank Śląski
Finance, Insurance and Consulting
Poland
2025-07-21
3,955,000 €
ETid-2757
McDonald’s Polska Sp. z o.o.
Employment
Poland
2026-02-05
2,682,000 €
ETid-3063
DPD Polska sp. z o.o.
Transportation and Energy
Poland
2026-02-19
1,393,300 €
ETid-3113
Restaurant Partner Polska
Industry and Commerce
Poland
2022-01-19
1,000,000 €
ETid-1104
Fortum Marketing and Sales Polska S.A.
Transportation and Energy
Poland
2024-08-20
940,000 €
ETid-2457
mBank
Finance, Insurance and Consulting