Details:
| Summary | The DPA from Luxembourg (CNPD) has imposed a fine of EUR 1,000 on a company. The controller had installed a video surveillance system with the purposes of the protection of property, securing access to private and risky places, as well as the safety of users and the prevention of accidents. However, the cameras also excessively captured parts of the public space. The DPA finds that the controller thus violated the principle of data minimization under Article 5 (1) c) GDPR. In addition, the controller had not properly informed the data subjects about the processing of the data by the video surveillance and thus violated its duty to inform. |
| Link: | link |
| Related articles: | Art. 5 (1) c) GDPR, Art. 13 GDPR |
| Type: | Non-compliance with general data processing principles |
| Fine: | EUR 1,000 |
| Sector | Not assigned |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/