DAVISER SERVICIOS, S.L.
€20,000
Non-compliance with general data processing principles
결정 날짜
2021년 11월 30일
권한
Spanish Data Protection Authority (aepd)
ES
섹터
Transportation and Energy
국가
ES
법률
GDPR상태
FINAL설명
The Spanish DPA (AEPD) has imposed a fine of EUR 20,000 on DAVISER SERVICIOS, S.L.. The company had been processing biometric data (fingerprints) of employees for access to certain rooms, although less intrusive means (such as key cards) could have been used to protect the privacy of the data subjects. The AEPD found that the controller had violated the principle of data minimization.
법적 인용
Art. 5 (1)
문제 및 위반 사항
Non-compliance with general data processing principles