Food and beverage outlet operator Spize has been fined S$20,000 after the personal data of about 150 customers was disclosed on its online ordering portal in 2017.
In the grounds of decision dated Thursday (Jul 4), which was published on the Personal Data Protection Commission (PDPC) website, the PDPC received a complaint on Aug 12, 2017 from a member of the public.
Read more on Channel News Asia. You can find the regulator’s decision on the PDPC site, here.
Spize wasn’t the only data protection complaint that was decided this week. The regulator also issued a decision in the matter of SME Motor:
Directions were issued to SME Motor for failing to make reasonable security arrangements to prevent the unauthorised disclosure of individuals’ personal data. The lapses resulted in personal data of other customers being disclosed on the reverse side of an invoice document.