Burgo Group S.p.A – €20,000 Fine (Italy, 2020)

€20,000Garante per la protezione dei dati personali23 November 2020Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Burgo Group S.p.A was fined EUR 20,000 by the Italian data protection authority for sharing a private email containing sensitive personal information with multiple employees. This case highlights the importance of handling personal data with care and ensuring privacy in workplace communications.

What happened

Burgo Group S.p.A shared an email with sensitive personal data about an employee's physical and mental health with four other employees without proper justification.

Who was affected

The affected individuals were employees whose private information about their health was improperly shared within the company.

What the authority found

The Italian authority found that Burgo Group violated GDPR rules by not protecting personal data and failing to inform individuals about how their data was used.

Why this matters

This case emphasizes that companies must handle employee data responsibly and transparently. Businesses should ensure they have clear policies and training to prevent unauthorized sharing of personal information.

GDPR Articles Cited

Art. 5 GDPR
Art. 13 GDPR
Italy enforcementGarante per la protezione dei dati personali actionsAll Burgo Group S.p.A actions
Full Legal Summary
Detailed

The Italian DPA (Garante) imposed a fine of EUR 20,000 on the company for non-compliant practices. Thus, for example, the personnel director forwarded an e-mail conversation between the data subject and a work colleague containing personal data (information relating to physical and mental discomfort in the workplace) to four people in the company.

Related Enforcement Actions (0)

No other enforcement actions found for Burgo Group S.p.A in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

23 November 2020

Authority

Garante per la protezione dei dati personali

Fine Amount

€20,000

Enforcement Tracker ID

ETid-459

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Burgo Group S.p.A - Italy (2020). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: