XXX – €70,000 Fine (Italy, 2022)
Unicredit was fined EUR 70,000 for not properly handling an employee's request to access their personal data. The Italian authority found that the company required the employee to fill out a form, which was not necessary for accessing the data. This case highlights the importance of responding to data access requests without unnecessary hurdles.
What happened
Unicredit required an employee to fill out a form to access their personal data, which was not necessary.
Who was affected
An employee of Unicredit who wanted to access their personal data.
What the authority found
The Italian authority ruled that Unicredit violated GDPR by making it unnecessarily difficult for the employee to access their data.
Why this matters
This decision emphasizes that companies must make it easy for individuals to access their personal data and cannot impose unnecessary conditions. Businesses should ensure their data access procedures are straightforward and comply with GDPR requirements.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
Entities Involved
The case focused on a right of access issue where the data subject claimed insufficient information was provided by the controller.
Violations (1)
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Related Enforcement Actions (0)
No other enforcement actions found for XXX in IT
This is the only recorded action for this entity in this jurisdiction.
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
16 June 2022
Authority
Garante per la protezione dei dati personali
Fine Amount
€70,000
About this data
Cite as: Cookie Fines. XXX - Italy (2022). Retrieved from cookiefines.eu
Last updated: