Unknown – €15,150 Fine (Hungary, 2019)

€15,150Nemzeti Adatvédelmi és Információszabadság Hatóság25 June 2019Hungary
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Hungary's data protection authority fined a company for not reporting a data breach when a flash drive with personal data was lost. This matters because it highlights the importance of promptly notifying authorities about data breaches to comply with GDPR rules.

What happened

A company failed to notify authorities about a data breach after losing a flash drive containing personal data.

Who was affected

Individuals whose personal data was stored on the lost flash drive.

What the authority found

The authority found that the company violated GDPR by not fulfilling its obligation to report the data breach.

Why this matters

This case emphasizes the critical need for companies to have procedures in place for reporting data breaches quickly. It serves as a reminder that failure to notify can lead to fines and regulatory scrutiny.

GDPR Articles Cited

AI-verified

Art. 33(GDPR)
View original scraped data
Art. 33(GDPR)

Original data from scraper before AI verification against source document.

Source verified 13 March 2026
amount discrepancy
Hungary enforcementNemzeti Adatvédelmi és Információszabadság Hatóság actionsAll Unknown actions
Full Legal Summary
Detailed

The data controller did not fulfil its data breach notification obligations when a flash memory with personal data was lost.

Related Enforcement Actions (7)

Other enforcement actions involving Unknown in HU

Fine
Dec 2018· Nemzeti Adatvédelmi és Információszabadság Hatóság

The fine was imposed for (i) not providing a data subject with CCTV recordings, (ii) not retaining recordings for further use by the data subject, and...

€3K
Fine
Apr 2019· Nemzeti Adatvédelmi és Információszabadság Hatóság

The data controller did not fulfil the data subject's access request.

€2K
Fine
Apr 2019· Nemzeti Adatvédelmi és Információszabadság Hatóság

A data controller used a, in the point of view of NAIH, wrong legal basis for processing of personal data (Art. 6.1.b) for the assignment of claims.

€9K
Current
Jun 2019

Fine

€15K

Fine
Jun 2019· Nemzeti Adatvédelmi és Információszabadság Hatóság

The individual requested the deletion of his contact data (including his telephone number), however the controller further processed his contact data ...

€3K
Fine
Nov 2020· Nemzeti Adatvédelmi és Információszabadság Hatóság

The data subject had subscribed to a newsletter of the controller. After altering his/her e-mail address, he/she continued to receive the newsletter v...

€28
Fine
Dec 2020· Nemzeti Adatvédelmi és Információszabadság Hatóság

The Hungarian DPA (NAIH) imposed a fine of HUF 700,000 (EUR 1,940) against a construction company. The controller had installed a video surveillance s...

€2K
Fine
Dec 2020· Nemzeti Adatvédelmi és Információszabadság Hatóság

The Hungarian DPA (NAIH) imposed a fine of EUR 97,150 against a credit institute. Two parents contacted the Hungarian DPA regarding the processing of ...

€97K

Details

Fine Date

25 June 2019

Authority

Nemzeti Adatvédelmi és Információszabadság Hatóság

Fine Amount

€15,150

Enforcement Tracker ID

ETid-74

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Unknown - Hungary (2019). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: