Taksi Helsinki
€72,000
Non-compliance with general data processing principles
Ngày ra quyết định
29 tháng 5, 2020
Thẩm quyền
Deputy Data Protection Ombudsman
FI
Ngành
Transportation and Energy
Quốc gia
FI
Luật
GDPRTrạng thái
FINALMô tả
Among other things, the company had not assessed the risks and consequences of processing personal data before introducing a camera surveillance system that records audio and video in its taxis and had also failed to conduct data protection impact assessments of its processing activities, including the surveillance of security cameras, the processing of location data, automated decision making and profiling as part of its loyalty program. Furthermore, the processing of audio data was not in line with the GDPR principle of data minimization.
Trích dẫn pháp lý
Art. 5Art. 6Art. 35
Vấn đề & Vi phạm
Non-compliance with general data processing principles