Unknown
€294K($318K USD)final
Date Issued
2019-12-02
Regulation
Authority
Data Protection Authority of Niedersachsen
Country
Germany
Violation Type
Failure to comply with data processing principles
Currency
EUR
Violation Summary
A company was fined with €294,000 because of the “unnecessarily long” storage and retention of personal data in the selection of personnel. During the selection process, even health data was requested, which was excessive according to the DPA.
Articles Violated
Art. 5 GDPR
Related Headlines
UK's ICO fines Marriott 18.4 mln pounds for failing to secure customer data - Reuters
Reuters · 10/30/2020
The Public Interest, the Media and Privacy - downloads.bbc.co.uk
downloads.bbc.co.uk · 10/12/2010
Other Fines for Unknown
| Date | Regulation | Amount (USD) | Type |
|---|---|---|---|
| -- | GDPR | -- | Non-compliance with lawful basis for data processing |
| -- | GDPR | -- | <a href="https://www.privacy-regulation.eu/en/32.htm">Art. 32 GDPR</a> |
| -- | GDPR | $540 | Non-compliance with lawful basis for data processing |
| -- | GDPR | -- | Non-compliance with lawful basis for data processing |
| -- | GDPR | -- | Non-compliance with subjects' rights protection safeguards |
| -- | GDPR | -- | Failure to implement sufficient measures to ensure information security |
| -- | GDPR | $54,000 | Non-compliance with subjects' rights protection safeguards |
| -- | GDPR | $4,428 | Unknown |
| 2023-03-23 | GDPR | $529 | Non-cooperation with Data Protection Authority |
| 2023-01-31 | GDPR | $194 | Insufficient fulfilment of information obligations |