Indcap AB – €43,000 Fine (Sweden, 2023)

€43,000Integritetsskyddsmyndigheten7 November 2023Sweden
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Indcap AB was fined €43,000 for mistakenly sending an email that included personal data of over 52,000 customers. This incident happened because the company did not have proper measures in place to protect sensitive information. It shows the importance of having strong data security practices in place.

What happened

Indcap AB accidentally sent an email containing personal data of over 52,000 customers to a large group of recipients.

Who was affected

Customers of Indcap AB whose personal data, including social security numbers and email addresses, was exposed.

What the authority found

The Swedish DPA found that Indcap AB failed to implement appropriate technical and organizational measures to protect personal data, violating GDPR's security requirements.

Why this matters

This case highlights the need for companies to prioritize data security to avoid costly mistakes. It serves as a reminder that even accidental breaches can lead to significant fines.

GDPR Articles Cited

Art. 32(1) GDPR
Sweden enforcementIntegritetsskyddsmyndigheten actionsAll Indcap AB actions
Full Legal Summary
Detailed

The Swedish DPA has imposed a fine of EUR 43,000 on Indecap AB. The controller had accidentally sent an email to a large number of its customers containing an Excel document including a report with personal data of other customers. The document cotained information on social security numbers, e-mail addresses, information on selected funds, etc. of more than 52,000 individuals. During its investigation, the DPA found that the controller had failed to implement appropriate technical and organizational measures to protect personal data, allowing such an incident to occur.

Related Enforcement Actions (0)

No other enforcement actions found for Indcap AB in SE

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

7 November 2023

Authority

Integritetsskyddsmyndigheten

Fine Amount

€43,000

Enforcement Tracker ID

ETid-2103

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Indcap AB - Sweden (2023). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: