IDFINANCE Spain, S.L. – €3,000 Fine (Spain, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
IDFINANCE Spain, S.L. was fined EUR 3,000 after a person accidentally accessed another customer's personal data through a payment link. This incident shows the risks of not securing personal data properly.
What happened
IDFINANCE Spain, S.L. exposed personal data of a customer to another person through a payment link.
Who was affected
A customer whose personal data was exposed to another person via a payment link sent by IDFINANCE.
What the authority found
The Spanish authority fined IDFINANCE Spain, S.L. for failing to protect personal data, violating GDPR's data security requirements.
Why this matters
This case highlights the importance of securing personal data, especially in online transactions. Businesses should ensure their systems prevent unauthorized data access to comply with GDPR.
GDPR Articles Cited
The Spanish DPA (AEPD) imposed a fine of EUR 5,000 on IDFINANCE Spain S.L.. A person had received a debt collection email from IDFinance that contained a link for the payment of an invoice directly through the controller's website. Via the link, the person was able to view the personal data of another customer. The original fine of EUR 5,000 was reduced to EUR 3,000 due to immediate payment and admission of responsibility.
Related Enforcement Actions (0)
No other enforcement actions found for IDFINANCE Spain, S.L. in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
1 February 2021
Authority
Agencia Española de Protección de Datos
Fine Amount
€3,000
Enforcement Tracker ID
ETid-542
About this data
Cite as: Cookie Fines. IDFINANCE Spain, S.L. - Spain (2021). Retrieved from cookiefines.eu
Last updated: