Fine issued following faulty configuration of email account

29 September 2022



The Spanish data protection authority (AEPD) has issued a fine of 3 000 euro to the Spanish company Estudios Europeos De Postgrado Y Empresa Sl. as a consequence of their failure to comply with the GDPR.

When a new employee at the company was given access to her email account, she discovered she had access to another employee´s inbox. Consequently, she had access to all emails received and sent by the other employee. The employee given the faulty access reported this to the AEPD. After an investigation, the AEPD concluded that the incident occurred because of a faulty configuration of the email account. Therefore, the AEPD found that the company had not implemented appropriate technical and organizational measures, which is a breach of the principle of integrity and confidentiality in the GDPR.

Read more:


Vi hjälper dig vidare till nästa steg

Har du frågor eller vill boka demo? Vi står redo att hjälpa dig vidare mot en enklare vardag.

Vi hjälper dig vidare till nästa steg