Menu

CNIL Adopts Its First Sanction as Lead Supervisory Authority

, , , ,

French Data Protection Authority (CNIL) has levied a fine of €250,000 on French online shoe retailer, Spartoo, for various infringements of the EU General Data Protection Regulation (GDPR). This is the first penalty under the GDPR enforced by the CNIL as the lead supervisory authority (Lead SA) in cooperation with other EU supervisory authorities.

The CNIL’s investigation focused on the processing of personal data of Spartoo’s existing and prospective customers, and on the recording of telephone conversations between customers and Spartoo’s customer service. The investigation revealed several infringements of the GDPR, including (1) absence of a defined data retention period(s), (2) no regular erasure of existing and prospective customer personal data, and (3) improper acceptance of weak passwords for online customer accounts.

Source: CNIL Adopts Its First Sanction as Lead Supervisory Authority, Fining French Online Shoe Retailer

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share via
Facebook
Twitter
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap