Xfera Moviles S.A.
€60K($65K USD)final
Date Issued
2019-11-19
Regulation
Authority
Spanish Data Protection Authority (AEPD)
Country
Spain
Violation Type
Failure to implement sufficient measures to ensure information security
Currency
EUR
Violation Summary
A private individual received an SMS from Xfera Móviles which was actually addressed to a different person and which included personal details of that third party person. The information included personal details as well as login details to the Xfera Móviles website for the third party person.
Articles Violated
Art. 32 GDPR
Other Fines for Xfera Moviles S.A.
| Date | Regulation | Amount (USD) | Type |
|---|---|---|---|
| 2022-02-01 | GDPR | $216,000 | Non-compliance with lawful basis for data processing |
| 2020-12-09 | GDPR | $43,200 | Failure to comply with data processing principles |
| 2020-11-06 | GDPR | $21,600 | Failure to implement sufficient measures to ensure information security |
| 2020-09-25 | GDPR | $64,800 | Failure to comply with data processing principles |
| 2020-07-23 | GDPR | $5,400 | Non-cooperation with Data Protection Authority |
| 2020-07-20 | GDPR | $75,600 | Failure to comply with data processing principles |
| 2020-07-10 | GDPR | $59,400 | Non-compliance with subjects' rights protection safeguards |
| 2020-07-02 | GDPR | $5,400 | Non-cooperation with Data Protection Authority |
| 2020-06-15 | GDPR | $81,000 | Non-compliance with subjects' rights protection safeguards |
| 2020-06-09 | GDPR | $42,120 | Non-compliance with lawful basis for data processing |