Swedish Giant H&M Fined With Over €30 Million By GDRP For Unlawfully Storing And Collecting Personal Data Of Their Employees

The Swedish clothing company H&M (Hennes & Mauritz) has been fined €35.5 million by the German Data Protection Authority on the 1st of October 2020, after a data leak from a service center from Nuremberg Germany, which revealed the illegal collection of personal data of the employees by the managers. The monitoring activity targeted several […]

International Data Transfer- a new challenge for data controllers

 It all started with Maximillian Schrems, an Austrian activist who sued Facebook for its privacy policy, participation to the American secret services programs, tracking the user’s activity on other pages than Facebook network along with other violations. The first decision of the EU Court of Justice (CJEU) ruled that Max can sue Facebook Ireland even […]

Company Fined 725,000€ for Collecting Employee’s Fingerprints

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, “Dutch DPA”) recently fined a company for violating the General Data Protection Regulation (GDPR) by collecting personal data using fingerprint systems. Under the GDPR, ”biometric data means personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow […]

Facebook’s Privacy Vision from a GDPR Perspective

On Wednesday, Mark Zuckerberg described a new ‘Privacy-Focused Vision’ for Facebook. The change feels a bit overdue, after Facebook’s privacy antipathy led to two consecutive quarters of declining users. In his blog post, Zuckerberg laid out the vision for a new ‘privacy-focused platform’: We plan to build this the way we’ve developed WhatsApp: focus on […]