News

⚠️ Using a Document Shredder Can Prevent Penalties! ⚠️

Source : PS-00460-2024

🏆 A Spanish football club fined for throwing personal data in the trash! 🗑️📄

🔍 The Facts

📅 In October 2024, the AEPD sanctioned Club Rápido de Bouzas, a sports association in Vigo, for violating the GDPR.
🚔 The local police discovered 1,444 player information forms, including many related to children, discarded in a public container near a stadium.

📂 Exposed Data:
• Names, surnames, addresses, phone numbers 📞
• Parental information 👨‍👩‍👧, photographs 📸
• Copies of identity documents 🆔 and banking details 💳

❌ Violations Identified
🔴 Breach of Article 5(1)(f) of the GDPR → Lack of confidentiality and failure to implement security measures.
🔴 Breach of Article 32 of the GDPR → No technical and organizational measures were in place to ensure data security.
💡 Throwing away documents containing personal data without prior destruction is a GDPR violation!

⚖️ Penalty
💰 €1,000 fine, reduced to €600 after immediate payment and acknowledgment of responsibility.
📌 AEPD Recommendation: Ensure proper data retention periods, as some records were kept far beyond the necessary timeframe.

🛡️ Best Practices to Avoid This Type of Fine
✅ Always use a document shredder to dispose of paper files containing personal data.
✅ Implement a data retention and destruction policy.
✅ Train your teams on best practices for data protection.

⚠️ Negligence can be costly! 🚨 Make sure you properly manage both paper and digital documents to avoid GDPR violations.