Posts

Schmerzensgeld für unvollständige und verspätete Auskunft - DSGVO Bußgeld

GDPR violation: Compensation for incomplete and late information

Violations of the GDPR can cost companies dearly. The first thing that usually comes to mind are the high regulatory fines that are widely reported in the press. But not only high fines from the supervisory authorities threaten defaulting companies with incorrect information – compensation for pain and suffering can also be due, as the judgment of the Düsseldorf Labor Court of March 5, 2020 showed (Az. 9 Ca 6557/18). The reasoning for the judgment contained some fundamental statements regarding immaterial damages in connection with the violation of the GDPR.
Read more

GDPR fine against H&M: € 35.3 million

The Swedish fashion brand H&M is said to pay a fine of 35.3 million euros for spying on employees. Hundreds of employees at the service center in Nuremberg are said to have been monitored. The Hamburg commissioner for data protection, Johannes Caspar, justified the decree on Thursday. Read the blog article to learn more about the GDPR fine against H&M.

Read more

GDPR violation – 1.2 million euros fine!

Data errors should cost the AOK Baden-Württemberg a fine of 1.2 million euros.

Read more

GDPR fine calculator – fine calculation for GDPR violations

The data protection conference has decided on a concept for the assessment of the GDPR fine in proceedings against companies, which specifies the abstract catalog of criteria from Art. 83 GDPR. The aim is to obtain a transparent and case-by-case form of fine assessment. The concept is intended to serve as a national guideline for the calculation of fines until the European Data Protection Committee issues Union-wide harmonized guidelines.

The concept has been around since September 2019, but for many companies the question still arises as to how a possible fine is calculated. We explain the calculation of the GDPR fine in detail in the following blog article.

Read more

EDSA updates guidelines on cookie consent for websites

As early as October 2019, the European Court of Justice (ECJ) ruled that when a website is accessed, the setting of cookies requires the active consent of the website visitor. This does not include cookies that are technically necessary to ensure the functionality of the website. The European Data Protection Board (EDPB) has now updated its guidelines on consent for websites and once again emphasized the urgent need for correct cookie consent. Learn more about this in our blog article.
Read more

Datenschutz in Österreich

Data protection in Austria: first warning and then fine?

Data protection in Austria does not work without the GDPR! The Austrian data protection supervisory authority clarifies the relationship between the data protection sanctions. In Austria, too, it is not mandatory that in the event of a data protection breach, a data protection warning must first be issued and a second breach may only be punished with a fine. Rather, a fine is possible even for the first breach.
Read more

Gmail DSGVO-konform Bilde

Gmail now order processing – and how you can use Gmail GDPR-compliant

The Higher Administrative Court of Münster ruled on February 5th, 2020 that Gmail is not a telecommunications service. Gmail can therefore be seen as classic order processing and is therefore subject to the special requirements of the GDPR. In the following blog article, we’ll tell you what you have to do to use Gmail in a GDPR-compliant manner.
Read more

14.5 million EUR GDPR fine imposed on real estate company

The reason for the GDPR fine of 14.5 million euros is data from tenants in an archive system, which could not be deleted. The grievances were discovered in 2017. A review in March 2019 showed that hardly anything had changed in the state. The Berlin data protection authority has therefore imposed a fine of millions on the real estate company “Deutsche Wohnen”. The fine could have been even higher due to the company’s turnover.

Read more

Data protection and money laundering law: inspection obligations regarding identity cards

A large amount of personal data can be found on an identity card. In many industries, particularly with regard to the Money Laundering Act, the question arises as to which personal data may be noted or copied and to what extent, or whether the ID card may even be scanned. In the following we give you a brief overview.

Read more

Calculation basis for GDPR fine published

“A data protection breach can become an expensive matter for companies in the future.”

We draw this conclusion clearly from the published concept of the German supervisory authorities, which provides information on how they intend to measure the GDPR fine for data protection violations in the future.

Read more