The Netherlands
Unknown Organisation
725,000 €
GDPR enforcement action by Dutch Supervisory Authority for Data Protection (AP) on 2020-04-30.
Rank · Sector
#7
of 213 in Employment
Rank · The Netherlands
#12
of 43
Rank · All fines
#207
of 3,050
Case details
- Authority
- Dutch Supervisory Authority for Data Protection (AP)
- Date
- 2020-04-30
- Controller / Processor
- Unknown Organisation
- Sector
- Employment
- Quoted Articles
- Art. 5 GDPR, Art. 9 GDPR
- Type of violation
- Insufficient legal basis for data processing
Summary
The organisation had required its staff to have their fingerprints scanned to record attendance. However, as the decision of the data protection authority stated, the organisation could not rely on exceptions to the processing of this special category of personal data and the company could also not provide any evidence that the employees had given their consent to this data processing.
Open original source
Links to the regulator's original publication or another source.
Related fines
The Netherlands
2024-07-22
290,000,000 €
ETid-2447
Uber Technologies Inc., Uber B.V.
Employment
The Netherlands
2026-04-01
100,000,000 €
ETid-3171
Ridetech International B.V.
Transportation and Energy
The Netherlands
2024-05-16
30,500,000 €
ETid-2448
Clearview AI Inc.
Industry and Commerce
The Netherlands
2023-12-11
10,000,000 €
ETid-2199
Uber Technologies Inc.
Uber B.V.
Employment
The Netherlands
2024-11-26
4,750,000 €
ETid-2507
Netflix International B.V.
Media, Telecoms and Broadcasting
The Netherlands
2022-04-07
3,700,000 €
ETid-1124
Dutch Tax and Customs Administration
Public Sector and Education