DAVISER SERVICIOS, S.L.
€20,000
Non-compliance with general data processing principles
決定日期
2021年11月30日
權限
Spanish Data Protection Authority (aepd)
ES
部門
Transportation and Energy
國家
ES
法律
GDPR狀態
FINAL說明
The Spanish DPA (AEPD) has imposed a fine of EUR 20,000 on DAVISER SERVICIOS, S.L.. The company had been processing biometric data (fingerprints) of employees for access to certain rooms, although less intrusive means (such as key cards) could have been used to protect the privacy of the data subjects. The AEPD found that the controller had violated the principle of data minimization.
法律引文
Art. 5 (1)
問題與違規
Non-compliance with general data processing principles