A German restaurateur had a list on which his guests had to register in order to track possible COVID-19 infection chains. However, this contact list was open and visible to everyone. On the basis of this, the data protection authority imposed a fine of 100 euros.
A restaurateur in Germany had installed too many video cameras in his restaurant, which unlawfully captures his customers, employees and the area around the premises during opening hours. He was also unable to justify this extensive monitoring to the data protection authority.
A policeman had repeatedly used the police database for private purposes. With these queries, he wanted to get information about people around him (e.g. ex-girlfriends or neighbors) He received a fine of 600 euros due to this offense.
The call center kikXXL GmbH was commissioned by various companies from a wide variety of industries to make advertising calls. However, there was no mutual consent for this. As a result, many of those affected complained to the company. However, this did not stop the call center from continuing to make these unwanted advertising calls.
The Lower Saxony data protection authority found in investigations against the company out that it uses an outdated version of xt:Commerce, which has not been supplied with security updates since 2014. Among other things, the software still uses the hash function MD5, which has not been in line with current security standards for several years…. […]
In an unannounced on-site inspection, a German company refused access to its premises. The Bavarian State Office for Data Protection Supervision then imposed a fine of EUR 20,000. After the accused filed an objection to this fine, it was lowered to EUR 7,000.
Even before GDPR, many german lawyers sent out chargeable warning letters about small mistakes. With this law, the German federal government wants to protect small businesses and online shops in particular from high cost due to chargeable warning letters. Websites suffered automatic crawling to find minimal errors in the imprint or data protection notices. Chargeable… […]
The SME Radidata GmbH (Germany) was fined 10.000 EUR for not naming a Data Protection Officer (DPO). In Germany a DPO is needed as soon 20 employees work with personal data. The data protection Authority requested Rapidata to name a DPO several times but was ignored. The fine takes into account that Rapidata is a… […]