The Netherlands
PVV Overijssel
7,500 €
GDPR enforcement action by Dutch Supervisory Authority for Data Protection (AP) on 2020-06-16.
Rank · Sector
#200
of 356 in Public Sector and Education
Rank · The Netherlands
#42
of 43
Rank · All fines
#1,532
of 3,042
Case details
- Authority
- Dutch Supervisory Authority for Data Protection (AP)
- Date
- 2020-06-16
- Controller / Processor
- PVV Overijssel
- Sector
- Public Sector and Education
- Quoted Articles
- Art. 33 GDPR
- Type of violation
- Insufficient fulfilment of data breach notification obligations
Summary
The Dutch DPA (AP) fined the Overijssel local branch of the PVV party EUR 7,500 for failing to notify the AP of a personal data breach, in violation of Art. 33 GDPR. An email regarding the convening of a meeting had been sent via an open distribution list due to a human error. Since the total of 101 recipients were addressed as "Friends of the PVV" in the email, the political beliefs of the data subjects were thus disclosed to all addressees.
Open original source
Links to the regulator's original publication or another source.
Related fines
The Netherlands
2024-07-22
290,000,000 €
ETid-2447
Uber Technologies Inc., Uber B.V.
Employment
The Netherlands
2026-04-01
100,000,000 €
ETid-3171
Ridetech International B.V.
Transportation and Energy
The Netherlands
2024-05-16
30,500,000 €
ETid-2448
Clearview AI Inc.
Industry and Commerce
The Netherlands
2023-12-11
10,000,000 €
ETid-2199
Uber Technologies Inc.
Uber B.V.
Employment
The Netherlands
2024-11-26
4,750,000 €
ETid-2507
Netflix International B.V.
Media, Telecoms and Broadcasting
The Netherlands
2022-04-07
3,700,000 €
ETid-1124
Dutch Tax and Customs Administration
Public Sector and Education