A.A.A – Complaint Upheld (Spain, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Spanish data protection authority reprimanded a government ministry for mistakenly sending an email containing confidential information to the wrong person. This incident raised concerns about how personal data is handled and protected. It emphasizes the need for organizations to improve their data handling practices.
What happened
A government ministry sent a confidential email to the wrong recipient.
Who was affected
Individuals whose confidential information was included in the mistakenly sent email.
What the authority found
The authority found that the ministry violated data protection rules regarding confidentiality in processing data.
Why this matters
This reprimand highlights the importance of careful data handling in all organizations, especially those dealing with sensitive information. It shows that even government bodies must be vigilant to protect personal data.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
Entities Involved
An Email was missent by the ministry of inclusion, social security and migration. The AEPD charged them under Article 32 and 5 (1) (f) GDPR, but only issued a reprimand. The DPA held that the missending of the email infringes the confidentiality in processing of data.
Outcome
Complaint Upheld
A data subject complaint that was upheld by the DPA.
Related Enforcement Actions (1)
Other enforcement actions involving A.A.A in ES
Details
About this data
Cite as: Cookie Fines. A.A.A - Spain (2022). Retrieved from cookiefines.eu
Last updated: