Enforcement
EN Intesa Sanpaolo S.p.A.: Insufficient technical and organisational measures to ensure information security
€31,800,000 fine - Italian Data Protection Authority (Garante)
Content
Italian Data Protection Authority (Garante) fined Intesa Sanpaolo S.p.A. €31,800,000 on 2026-03-26 for: Insufficient technical and organisational measures to ensure information security.
GDPR Articles: Art. 5 (1) f), (2) GDPR, Art. 24 GDPR, Art. 32 GDPR, Art. 34 GDPR
Sector: Finance, Insurance and Consulting
Country: Italy
Source: https://www.gpdp.it/web/guest/home/docweb/-/docweb-display/docweb/10234984