The UPS courier company was fined 140,000 euros by the Spanish Cnil. The Spanish news site El Diario reported on June 12 that a company delivery man had indeed left a package, intended for a resident of a building, with a merchant in the same building, an ice cream parlor.
However, all of the customer’s contact details and personal information were clearly visible on the package, leaving her personal details in full view. Therefore, it was the client herself who filed the complaint with the Spanish Agency for Data Protection (AEPD), having not given her authorization for the package to be delivered to a place other than her home address.
A simple voice message
The delivery man sent him a voice message indicating that he had left the package “at the ice cream parlor”, without the customer being otherwise informed. A situation that has been considered a breach of the data protection law by the AEPD.
More specifically, the Agency indicated two crimes by UPS: the violation of the confidentiality of the client’s personal data, punishable by a fine of 100,000 euros, on the one hand. Then, the recurrence of UPS in the fact of delivering the package to an unknown third party without prior authorization, sanctioned with a fine of 40,000 euros for a total of 140,000 euros.
Indeed, the AEPD indicates that it is not the first time that it has imposed a fine on UPS. In November 2022, the company had to pay 70,000 euros for the same reasons. The agency said UPS does not yet have the “adequate means” to prevent these situations for its customers.
Source: BFM TV
