{"id":16563,"date":"2023-12-12T14:47:09","date_gmt":"2023-12-12T14:47:09","guid":{"rendered":"https:\/\/businessadapter.es\/endesas-sins-penalized-with-6-million\/"},"modified":"2024-12-11T10:44:38","modified_gmt":"2024-12-11T10:44:38","slug":"endesas-sins-penalized-with-6-million","status":"publish","type":"post","link":"https:\/\/businessadapter.es\/en\/endesas-sins-penalized-with-6-million\/","title":{"rendered":"Endesa’s sins penalized with $6 million"},"content":{"rendered":"\n

6 million fine for Endesa<\/strong><\/span><\/h1>\n

ENDESA is sanctioned by the Spanish Data Protection Agency(AEPD<\/a>) with a millionaire fine of more than 6 MILLION EUROS.<\/p>\n

The 215-page resolution published by the AEPD bases the sanction on a violation of security<\/a> due to improper access to personal data processed by ENDESA and the integrity of such data, as certain information was modified to make fraudulent registrations.<\/p>\n

ENDESA’s allegations<\/strong><\/span><\/h2>\n

We highlight ENDESA’s interpretation of the application of sanctions for violation of art. 5.1 and 32 of the GDPR <\/a>separately, since they claim that this should not be the case, since\"\"<\/a> art. 5.1 relating to confidentiality and data integrity and the security measures of art. 32 are equivalent, and that sanctioning their non-compliance separately means sanctioning the same thing twice and would be contrary to the principle of non bis in idem<\/em>.<\/p>\n

However, for the AEPD they are two different articles and should be sanctioned separately.<\/p>\n

Details of the sanction to ENDESA<\/strong><\/span><\/h2>\n

We analyze below the reasons for the different penalties and the amounts imposed for each one:<\/p>\n

Infringement of Article 5.1.f) of the GDPR, with a fine of 2,500,000 \u20ac.<\/strong><\/h4>\n

Failure to implement appropriate measures to ensure the integrity and confidentiality of the personal data processed.<\/p>\n

Infringement of Article 32 of the GDPR with a fine of 1.500.000 \u20ac.<\/strong><\/h4>\n

Appropriate technical and organizational measures to ensure a level of security appropriate to the risk.<\/p>\n

Infringement of Article 33 of the GDPR, with a fine of 800,000 \u20ac.<\/strong><\/h4>\n

Failure to notify a breach of personal data security to the supervisory authority<\/p>\n

Infringement of Article 34 of the GDPR, with a fine of 800,000 \u20ac.<\/strong><\/h4>\n

Failure to communicate the personal data security breach to the affected individuals<\/p>\n

Infringement of Article 44 of the GDPR, with a fine of 500,000 \u20ac.<\/strong><\/h4>\n

Failure to comply with the obligations established in the GDPR for international<\/a> data transfers<\/a>.<\/p>\n

Total<\/strong>: \u20ac6,100,000<\/h4>\n

Business Adapter\u00ae at your service <\/strong><\/span><\/h2>\n

If you need advice to avoid penalties, contact us by email: info@businessadapter.es, <\/a> you can also call 96 131 88 04<\/a>, or leave your message in this form:<\/p>\n

 <\/p>\n

[su_button url=”https:\/\/businessadapter.es\/contacto” target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]Contact us, we will be pleased to help you.[\/su_button]<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

6 million fine for Endesa ENDESA is sanctioned by the Spanish Data Protection Agency(AEPD) with a millionaire fine of more […]<\/p>\n","protected":false},"author":1373,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[75],"tags":[82,86,90,96,83],"class_list":["post-16563","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-compliance-with-lopd-and-rgpd","tag-data-protection-penalties","tag-international-data-transfer","tag-security-breach","tag-security-measures"],"_links":{"self":[{"href":"https:\/\/businessadapter.es\/en\/wp-json\/wp\/v2\/posts\/16563","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/businessadapter.es\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/businessadapter.es\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/businessadapter.es\/en\/wp-json\/wp\/v2\/users\/1373"}],"replies":[{"embeddable":true,"href":"https:\/\/businessadapter.es\/en\/wp-json\/wp\/v2\/comments?post=16563"}],"version-history":[{"count":1,"href":"https:\/\/businessadapter.es\/en\/wp-json\/wp\/v2\/posts\/16563\/revisions"}],"predecessor-version":[{"id":16564,"href":"https:\/\/businessadapter.es\/en\/wp-json\/wp\/v2\/posts\/16563\/revisions\/16564"}],"wp:attachment":[{"href":"https:\/\/businessadapter.es\/en\/wp-json\/wp\/v2\/media?parent=16563"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/businessadapter.es\/en\/wp-json\/wp\/v2\/categories?post=16563"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/businessadapter.es\/en\/wp-json\/wp\/v2\/tags?post=16563"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}