10/7/2023 0 Comments Discord mobile websiteThe amount of the fine was decided regarding the breaches identified, the number of people concerned, but also taking into account the efforts made by the company to comply throughout the procedure and the fact that its business model is not based on the exploitation of personal data. It imposed a fine of 800,000 euros on DISCORD INC. On the basis of the findings made during investigations, the restricted committee - the CNIL body responsible for issuing sanctions - considered that the company had failed to comply with several obligations under the General Data Protection Regulation (GDPR). Failure to carry out a data protection impact assessment (Article 35 of the GDPR).Failure to ensure the security of personal data (Article 32 of the GDPR).Failure to ensure data protection by default (Article 25.2 of the GDPR).Failure to comply with the obligation to provide information (Article 13 of the RGPD).Failure to define and respect a data retention period appropriate to the purpose (Article 5.1.e of the GDPR).It also carried out a documentary investigation. The CNIL conducted several types of investigation: it carried out an online check on both the "" website and the DISCORD mobile application. ![]() The CNIL decided to investigate in its own initiative, without any complaints having been filed. Summary of the Decision Origin of the case Decision: Infringement of the GDPR, Administrative fine.Legal Reference: Data retention periods (article 5.1.e of the GDPR), Information to individuals (article 13 of the GDPR), Data protection by default (article 25.2 of the GDPR), Security of processing (article 32 of the GDPR), Data protection impact assessment (article 35 of the GDPR).Date of final decision: 10 November 2022.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |