Italy
Comune di Luino
10,000 €
GDPR enforcement action by Italian Data Protection Authority (Garante) on 2020-12-17.
Rank · Sector
#178
of 357 in Public Sector and Education
Rank · Italy
#261
of 543
Rank · All fines
#1,339
of 3,050
Case details
- Authority
- Italian Data Protection Authority (Garante)
- Date
- 2020-12-17
- Controller / Processor
- Comune di Luino
- Sector
- Public Sector and Education
- Quoted Articles
- Art. 5 (1) a), c) GDPR, Art. 6 (1) c), e) GDPR, Art. 6 (2) GDPR, Art. 6 (3) b) GDPR, Art. 37 (1) a) GDPR, Art. 37 (7) GDPR
- Type of violation
- Non-compliance with general data processing principles
Summary
The Italian DPA (Garante) imposed a fine of EUR 10,000 on the municipality of Luino. The controller had published a document containing personal data of a local council member. In addition to personal data, the document also contained information about a complaint procedure filed against him by the mayor. The freely accessible document could be downloaded without further authentication. Furthermore, the municipality had failed to name a data protection officer and to provide the DPA with his/her contact details.
Open original source
Links to the regulator's original publication or another source.
Related fines
Italy
2024-02-08
79,100,000 €
ETid-2306
Enel Energia SpA
Transportation and Energy
Italy
2026-03-26
31,800,000 €
ETid-3162
Intesa Sanpaolo S.p.A.
Finance, Insurance and Consulting
Italy
2020-01-15
27,800,000 €
ETid-189
TIM (telecommunications operator)
Media, Telecoms and Broadcasting
Italy
2022-02-10
20,000,000 €
ETid-1098
Clearview Al Inc.
Industry and Commerce
Italy
2020-07-13
16,700,000 €
ETid-336
Wind Tre S.p.A.
Media, Telecoms and Broadcasting
Italy
2024-11-02
15,000,000 €
ETid-2497
OpenAI OpCo LLC
Media, Telecoms and Broadcasting