• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
easy GDPR - we make compliance with GDPR easy

easyGDPR

We make implementing General Data Protection Regulation Easy

  • Home
  • Services
    • Software
      • easyGDPR Quickcheck
      • (DEP) easyGDPR lite
      • (DEP) easyGDPR Standard
      • Data Subject Requests
      • Sophos
    • IT Security
    • network checkup
    • SME digitization funding
    • Data protection consulting
      • Data protection
      • Cybersecurity
    • Training
      • Data protection
      • Cybersecurity
  • Partner
    • Resellerprogramm
    • Affiliate programm
  • GDPR
    • GDPR News
    • FAQ
    • GDPR Decisions
    • GDPR penalties
    • GDPR legal text
  • Shop
  • Contact
    • Contact
    • Newsletter registration
  • Login
    • Shop / Affiliate Program
    • easyGDPR Software
  • German
  • English

France: GDPR breach in consulting office

28/06/2019 by

France: GDPR breach in consulting office

The French company UNIONTRAD COMPANY, which has its headquarters in Paris, offers translations in the fields of law and finance. Several employees complained about a surveillance system that constantly monitored them. In addition to this, the employees had not received any information about the purpose of the monitoring equipment. For this reason, the French data protection authority CNIL investigated the complaints.

In two investigations in October 2013 and June 2016, the company was notified each time of gross violations of data protection laws and asked to change its behavior. Employees may no longer be filmed permanently and must be informed about the purpose of the recordings. When questioned by CNIL, UNIONTRAD COMPANY stated that the cameras were necessary for security.

When the complaints did not stop, the agency conducted an on-site investigation. Even more DSGVO violations came to light: All employees shared a PC account and a mail account. As a result, everyone had access to all data, even though the company deals with legal matters, which could include personal data and which therefore require special protection. In addition, the permissible storage period of the data was exceeded.

After the transposition deadline, the CNIL carried out a new inspection. However, the company had not satisfactorily implemented the required measures. As UNIONTRAD COMPANY is only a small company with nine employees and had generated a net loss of € 110,884 in 2017, the initially considered penalty of € 750,000 was reduced to € 20,000.

Conclusion

The implementation of the GDPR must not be taken lightly by any company. Recommendations or requirements of the data protection authority should be implemented, otherwise there will be severe fines. In this case, the French authority refrained from imposing a heavy fine only because of the company’s massive losses.

With easyGDPR , you as a company can ensure that your company complies with the requirements of the GDPR . The program queries your current data protection standard and gives you detailed implementation recommendations based on this information. At the same time, the corresponding documentation is created, so in the event of a possible control, you can easily present the mandatory documentation

Entscheidungsdatum:
01.10.2018

Land:
France

Art des Verstoßes:
technical deficiency

Betroffene Datensätze:
unknown

Waren sensible Daten betroffen?:
Yes

verhängte Geldstrafe:
€ 20,000,-

Violation of GDPR Paragraph:

18. Right to restriction of processing
21. Right to object
25. Data protection by design and by default
31. Cooperation with the supervisory authority
5. Principles relating to personal data processing
6. Lawfulness of processing

Quelle:
Decision of the French data protection authority (French)

Category iconUncategorized

Primary Sidebar

IT-Security Whitepaper Downloaden
  • German
  • English
  • Data Protection Statement
  • Terms and Conditions
  • Imprint
  • Licence terms for easyGDPR
  • GDPR terms
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking "Accept", you consent to the use of ALL the cookies.
SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non Necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

functionality

Diese Art von Cookies erhöht die Benutzerfreundlichkeit unserer Website. Beispielsweise wird darin die von Ihnen ausgewählte Sprache gespeichert. Auch die Verfügbarkeit von Videostreams und sonstigem Inhalt kann von diesen Cookies abhängig sein. Wenn Sie diese Cookies ablehnen, ist die Benutzerfreundlichkeit eingeschränkt.

Save & Accept