Restaurant: Insufficient technical and organisational measures to ensure information security

In order to combat the Covid 19 pandemic, a restaurant had put out an open list in which visitors had to enter their contact data. The fact that the list was openly displayed would have made it possible for unauthorized third parties to gain access to the data.

GDPR Articles: Art. 32 GDPR
Industry: Accomodation and Hospitality