- Norway's data protection authority, Datatilsynet, announced a NOK 5 million fine to the toll company Ferde for unlawful transfers of personal data to China. An investigation found Ferde did not have a legal basis for its transfers, a data processor agreement or proper risk assessments over a two-year period. Datatilsynet also fined BRAbank NOK 400,000 for insufficient risk assessment.
- Denmark's DPA, Datatilsynet, issued a DKK 200,000 fine against the municipality of Vejle for insufficient security measures that led to a data breach.
- Greece's DPA, the Hellenic Data Protection Authority announced a 15,000 euro fine against Purple Sea Sole Proprietorship over the unlawful installation and operation of a video surveillance system.
- The U.K. Information Commissioner's Office fined restaurant chain Papa John's 10,000 GBP for sending 168,022 marketing messages without consumer consent.
If you want to comment on this post, you need to login.