CNIL (France) - SAN-2025-015

On November 2nd and November 10th, 2022, individuals who used the portal notified the responsible party that they had access to files related to other individuals. On November 2nd and November 10th, 2022, individuals who used the portal notified the responsible party that they had access to files related to other individuals. On November 22nd, 2022, the responsible party reported the data breach to the Dutch Data Protection Authority (AP). On November 22nd, 2022, the responsible party reported the data breach to the Dutch Data Protection Authority (AP). The data breach was caused by a configuration error made by the data processor. The data breach was caused by a configuration error made by the data processor. Following an on-site inspection, the AP initiated an investigation. Following an on-site inspection, an investigation was opened by the AP. On October 29th, 2025, the investigator concluded the investigation. The decision of the AP dates from December 22nd, 2025.

=== Holding ====== Holding ===

This content has been automatically translated using machine translation. The original version is available in the source language.

This content was automatically translated using machine translation. The original version is available in the source language.