FACUA reports the Board of Alhambra to Spain's Data Protection Agency for leaving visitors' data exposed

FACUA -Consumers in Action has reported the Board of the Alhambra and Generalife to Spain’s Data Protection Agency (AEPD, according to its initials in Spanish) for leaving the personal and financial data of 4.5 million visitors and almost a thousand travel agencies exposed due to a failure on the official ticket booking website. As published by El Confidencial this Wednesday, information such as DNI numbers (National Document of Identification for Spaniards), telephone and current account details, names and surnames, passwords, email addresses, postal addresses, etc. has been left publicly exposed for two years.

In their report, the association recalls that according to current European legislation (Regulation (EU) No 2016/679, Article 6), the processing of personal