Back to Explorer
GDPRTelecommunicationsHigh Severity

KPN B.V.

€750,000

Authority

AP

Country

Netherlands

Date Issued

December 3, 2021

Industry

Telecommunications

Summary

KPN inadequately secured customer data and failed to properly document legal basis for processing personal data of millions of subscribers.

Violation Types

SecurityData BreachLegal Basis

Articles Violated

Art. 32 GDPRArt. 33 GDPR
View original enforcement decision
View Netherlands regulatory profile →Search related breaches →

Related Enforcement Actions

Meta Platforms Ireland

DPC · GDPR · May 22, 2023

€1.2B

Amazon Europe Core

CNPD · GDPR · July 16, 2021

€746M

X Corp

DPC · GDPR · December 1, 2023

€550M

Meta Platforms Ireland

DPC · GDPR · September 5, 2022

€405M

Meta Platforms Ireland

DPC · GDPR · January 4, 2023

€390M

Avoid enforcement risk with automated compliance

IQWorks helps organizations automate GDPR compliance before regulators come knocking.

Talk to an Expert