Luxembourg
Company
10,000 €
GDPR enforcement action by National Commission for Data Protection (CNPD) on 2022-07-22.
Rank · Sector
#63
of 218 in Not assigned
Rank · Luxembourg
#10
of 34
Rank · All fines
#1,384
of 3,050
Case details
- Authority
- National Commission for Data Protection (CNPD)
- Date
- 2022-07-22
- Controller / Processor
- Company
- Sector
- Not assigned
- Quoted Articles
- Art. 5 (1) c) GDPR, Art. 13 GDPR
- Type of violation
- Non-compliance with general data processing principles
Summary
The DPA of Luxembourg (CNPD) has imposed a fine of EUR 10,000 on a company. The company had installed a video surveillance system for the purpose of protecting company property and staff. However, the cameras also constantly captured parts of employee's work areas, a break room, a meeting room and a neighbor property. The DPA states that the controller violated the principle of data minimization under Art. 5 (1) c) GDPR due to the excessive CCTV. Furthermore, the DPA found a violation of the information obligations set out in Art. 13 GDPR, by not properly informing data subjects about the video surveillance.
Open original source
Links to the regulator's original publication or another source.
Related fines
Luxembourg
2025-01-06
175,000 €
ETid-2615
Credit Institution
Finance, Insurance and Consulting
Luxembourg
2021-08-05
135,000 €
ETid-866
Insurance company
Finance, Insurance and Consulting
Luxembourg
2021-10-27
18,700 €
ETid-1747
Company
Not assigned
Luxembourg
2021-05-31
18,000 €
ETid-726
Unknown
Not assigned
Luxembourg
2021-10-13
18,000 €
ETid-896
Unknown
Not assigned
Luxembourg
2021-10-27
15,400 €
ETid-920
Unknown
Not assigned