Cribis Credit Management s.r.l. – €10,000 Fine (Italy, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Cribis Credit Management accidentally sent an email about an employee's late payments to their boss. This mistake exposed personal details like the employee's name and payment status. The Italian data protection authority fined the company EUR 10,000 for not protecting personal data properly.
What happened
Cribis Credit Management sent an email about an employee's late payments to the wrong person, revealing personal details.
Who was affected
An employee whose payment status and personal information were mistakenly shared with their boss.
What the authority found
The Italian authority found that Cribis Credit Management failed to protect personal data, violating GDPR's requirements for data protection.
Why this matters
This case highlights the importance of ensuring emails and sensitive information are sent to the correct recipients. Companies should double-check their communication processes to avoid similar privacy breaches.
GDPR Articles Cited
The Italian DPA has fined Cribis Credit Management s.r.l. EUR 10,000. The company had inadvertently sent an e-mail about late payments on a subscription to the head of the data subject. This allowed the head to gain access to their employee's personal data such as name, surname and payment status information.
Related Enforcement Actions (0)
No other enforcement actions found for Cribis Credit Management s.r.l. in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
9 June 2022
Authority
Garante per la protezione dei dati personali
Fine Amount
€10,000
Enforcement Tracker ID
ETid-1368
About this data
Cite as: Cookie Fines. Cribis Credit Management s.r.l. - Italy (2022). Retrieved from cookiefines.eu
Last updated: