PVV Overijssel – €7,500 Fine (Netherlands, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Dutch Data Protection Authority fined the PVV Overijssel EUR 7,500 for not reporting a data breach. An email sent to 101 people accidentally revealed their political beliefs. This case highlights the need for quick action and proper procedures when handling data breaches.
What happened
The PVV Overijssel failed to report a data breach where an email exposed recipients' political beliefs.
Who was affected
Recipients of an email from PVV Overijssel, whose political beliefs were disclosed.
What the authority found
The Dutch authority fined PVV Overijssel for not notifying them of a data breach, as required by GDPR.
Why this matters
This case serves as a reminder for organizations to have robust breach notification processes. Quick reporting is crucial to comply with GDPR and protect individuals' privacy.
GDPR Articles Cited
The Dutch DPA (AP) fined the Overijssel local branch of the PVV party EUR 7,500 for failing to notify the AP of a personal data breach, in violation of Art. 33 GDPR. An email regarding the convening of a meeting had been sent via an open distribution list due to a human error. Since the total of 101 recipients were addressed as 'Friends of the PVV' in the email, the political beliefs of the data subjects were thus disclosed to all addressees.
Related Enforcement Actions (0)
No other enforcement actions found for PVV Overijssel in NL
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
16 June 2020
Authority
Autoriteit Persoonsgegevens
Fine Amount
€7,500
Enforcement Tracker ID
ETid-672
About this data
Cite as: Cookie Fines. PVV Overijssel - Netherlands (2020). Retrieved from cookiefines.eu
Last updated: