Get ready for the whistleblowing lawBOOK DEMO NOW!

Fine issued following faulty configuration of email account

29 September 2022



The Spanish data protection authority (AEPD) has issued a fine of 3 000 euro to the Spanish company Estudios Europeos De Postgrado Y Empresa Sl. as a consequence of their failure to comply with the GDPR.

When a new employee at the company was given access to her email account, she discovered she had access to another employee´s inbox. Consequently, she had access to all emails received and sent by the other employee. The employee given the faulty access reported this to the AEPD. After an investigation, the AEPD concluded that the incident occurred because of a faulty configuration of the email account. Therefore, the AEPD found that the company had not implemented appropriate technical and organizational measures, which is a breach of the principle of integrity and confidentiality in the GDPR.

Read more:


We are always happy to help

Do you have any questions or want to book a demo? We are ready to guide you through the compliance jungle.

We are always happy to help