A German restaurateur had a list on which his guests had to register in order to track possible COVID-19 infection chains. However, this contact list was open and visible to everyone. On the basis of this, the data protection authority imposed a fine of 100 euros.
Video surveillance of employees customers and passers-by
A restaurateur in Germany had installed too many video cameras in his restaurant, which unlawfully captures his customers, employees and the area around the premises during opening hours. He was also unable to justify this extensive monitoring to the data protection authority.
Police database abused for private purposes
A policeman had repeatedly used the police database for private purposes. With these queries, he wanted to get information about people around him (e.g. ex-girlfriends or neighbors) He received a fine of 600 euros due to this offense.
Advertising calls without consent
The call center kikXXL GmbH was commissioned by various companies from a wide variety of industries to make advertising calls. However, there was no mutual consent for this. As a result, many of those affected complained to the company. However, this did not stop the call center from continuing to make these unwanted advertising calls.
Online store with outdated software
The Lower Saxony data protection authority found in investigations against the company out that it uses an outdated version of xt:Commerce, which has not been supplied with security updates since 2014. Among other things, the software still uses the hash function MD5, which has not been in line with current security standards for several years…. […]
Company denies access to data protection authority
In an unannounced on-site inspection, a German company refused access to its premises. The Bavarian State Office for Data Protection Supervision then imposed a fine of EUR 20,000. After the accused filed an objection to this fine, it was lowered to EUR 7,000.
Works councils must comply with data protection
According to the decision of the Federal Labor Court, works councils are obligated to data protection The employer is obliged to allow the works committee to inspect the non-anonymized gross remuneration lists. It is true that the inspection at issue is aimed at personal data. However, this is permissible. The court reasoned its decision as… […]