Details:
| Summary | The Spanish DPA (AEPD) has imposed a fine of EUR 20,000 on DAVISER SERVICIOS, S.L.. The company had been processing biometric data (fingerprints) of employees for access to certain rooms, although less intrusive means (such as key cards) could have been used to protect the privacy of the data subjects. The AEPD found that the controller had violated the principle of data minimization. |
| Link: | link |
| Related articles: | Art. 5 (1) c) GDPR |
| Type: | Non-compliance with general data processing principles |
| Fine: | EUR 20,000 |
| Sector | Transportation and Energy |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/