Mirosław Wróblewski, President of Poland’s Personal Data Protection Office (UODO), imposed an administrative fine of $1.5 million (PLN 5,898,064) on Restaurant Partner Polska, the company responsible for operating the Glovo platform in Poland. The decision follows an inspection examining how personal data from users of the “Glovo – food delivery and other” app was processed.
Italy’s data protection authority has fined Intesa Sanpaolo €17.6 million after concluding that the bank unlawfully processed the personal data of roughly 2.4 million customers while preparing a large-scale transfer of accounts to its digital subsidiary Isybank.
South Korea is set to strengthen its privacy enforcement regime after lawmakers approved amendments to the country’s Personal Information Protection Act (PIPA) that introduce tougher penalties for repeat data breaches, expand the responsibilities of corporate leadership, and require certain organizations to adopt formal security and privacy certification frameworks.
The European Commission and the European Data Protection Board (EDPB) have published the responses received during a public consultation on draft guidelines designed to clarify how two cornerstone pieces of EU digital regulation (the Digital Markets Act (DMA) and the General Data Protection Regulation (GDPR) should interact in practice.
Italy’s data protection authority has fined energy supplier Acea Energia €2 million after an investigation found that contracts for electricity and gas services were activated without customers’ knowledge, following failures in how the company and its sales partners handled personal data.
A cyberattack on research systems at the University of Hawaiʻi Cancer Center has exposed personal data connected to roughly 1.2 million individuals, according to incident disclosures released by the university in late February.
Poland’s highest administrative court has revived a GDPR enforcement case against Fortum Marketing and Sales and its IT provider Pika, siding with the country’s data protection authority and reopening the path for multimillion-złoty fines tied to a 2020 data breach affecting more than 95,000 people.