Sovy recognised by KuppingerCole Independent Analysts More Info
  • Home
  • |
  • Log In
  • |
  • Contact
  • |
  • 0
Sovy
  • Products
    • Sovy GDPR Privacy Essentials℠
    • Sovy Academy℠
    • Sovy Advisory Services
    • All Products
    • Free GDPR Scan
    • Free GDPR Readiness Survey
  • Resources
    • Free GDPR Scan
    • Free GDPR Readiness Survey
    • Knowledge Portal
    • Data Privacy News
  • Pricing
  • About Sovy
    • Mission
    • Team
    • Investor Relations
    • Partnerships
    • Contact Us
  • Products
    • Sovy GDPR Privacy Essentials℠
    • Sovy Academy℠
    • Sovy Advisory Services
    • All Products
    • Free GDPR Scan
    • Free GDPR Readiness Survey
  • Resources
    • Free GDPR Scan
    • Free GDPR Readiness Survey
    • Knowledge Portal
    • Data Privacy News
  • Pricing
  • About Sovy
    • Mission
    • Team
    • Investor Relations
    • Partnerships
    • Contact Us

Data Privacy News

June 8, 2020

Company Fined 725,000€ for Collecting Employee’s Fingerprints

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, “Dutch DPA”) recently fined a company for violating the General Data Protection Regulation (GDPR) by collecting personal data using fingerprint systems.

Under the GDPR, ”biometric data means personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic data. The term ‘dactyloscopic data’ means fingerprint data.

The company collected personal data to track the attendance and working hours of employees. According to the law, it is prohibited to collect such data using fingerprints systems, unless the data subjects are correctly informed and give their consent in a clear and explicit manner, or for security purposes. The company could not prove either of these two, and therefore it has been sanctioned with a 725,000€ fine. The name of the organization was not officially published.  This is the first time a company obtained a court order to keep its identity secret after a GDPR sanction.  The company is currently appealing the fine.

Companies and all organizations must pay careful attention when handling and collecting personal data. It is a fundamental right of every employee to clearly know how and for what purpose their data will be used.

Biometric data is categorized as sensitive data. The vice-chairman and member of the board of the Dutch Data Protection Authority (AP), Monique Verdier, pointed out in a very explicit way: ”this category of personal data is extra protected by law. If these data get into the wrong hands, this could potentially lead to irreparable damage. Such as blackmail or identity fraud. A fingerprint cannot be replaced, such as a password. If things go wrong, the impact can be huge and can have a lifelong negative effect on someone. ”

Need more information of how GDPR is applied? Check Sovy’s Knowledge portal to find out more.  For simple and affordable solutions that help you get compliant and stay compliant with data privacy regulations, visit Sovy

data privacy data protection Facebook fines GDPR
Previous StoryGrandmother Faces Fines For Photos On Facebook
Next StoryGoogle Loses Its Appealing To The €50 million GDPR Fine

SEARCH

CATEGORIES

  • 2020 (13)
  • CCPA (5)
  • Charities (1)
  • Coronavirus (3)
  • COVID-19 (3)
  • Events (1)
  • GDPR (51)
  • Google (1)
  • New Bytes (34)
  • News & Blog (48)
  • Opinions (25)
  • Workplace Conduct (1)

TAG CLOUD

2020 BEUC Brexit CCPA Charities China CJEU CNIL cookies coronavirus COVID-19 cybersecurity data breach data privacy data protection DfE DPC EDPB Facebook fine fines GDPR Google guidance H&M IAPP ICO LGDP LGPD mark zuckerberg Marriot marriott Microsoft notification online education oracle PIPEDA privacy shield salesforce Schrems II tik tok Uber UK US vodafone italy

ARCHIVES

  • February 2021 (1)
  • January 2021 (3)
  • December 2020 (4)
  • November 2020 (4)
  • October 2020 (4)
  • September 2020 (1)
  • August 2020 (1)
  • July 2020 (2)
  • June 2020 (3)
  • May 2020 (2)
  • April 2020 (2)
  • March 2020 (1)
  • February 2020 (1)
  • January 2020 (3)
  • December 2019 (3)
  • November 2019 (1)
  • July 2019 (3)
  • May 2019 (3)
  • March 2019 (2)
  • January 2019 (3)
  • December 2018 (3)
  • November 2018 (2)
  • September 2018 (1)
  • July 2018 (1)
  • June 2018 (2)

LATEST POSTS

  • Tik Tok Accused of Noncompliance with the GDPR
  • EDPB launches guidelines on Examples of Data Breach notification
  • GDPR at the End of 2020
  • The European Data Protection Board launches a series of recommendations following the CJEU’s decision C-311/18 (Schrems II)
  • CNIL fines Google LLC and Google Ireland with a total of €100 million for Using Cookies illegally

QUICK LINKS

  • About Us
  • Resources
  • Privacy Policy
  • Terms
  • Manage Consent
  • Contact Us

Sovy GDPR Privacy Essentials

  • Subscription Benefits
  • Pricing
  • Log in
  • GDPR for Small Businesses
  • GDPR for Enterprises
  • GDPR for Sole Traders
  • GDPR for Charities

SOVY LOCATIONS

Ireland HQ

Registered Office
St Gall's House
St Gall Gardens South
Milltown, Dublin 14
D14 Y882

Trading Office
Meath Enterprise Centre
Trim road, Navan
Co. Meath, C15 TKX6
Ph: +353 (0)1 669-4774

Brussels

Rond-Point Schuman 11
1040 Brussels
Belgium

London

Registered Office
Kemp House
152-160 City Road
London EC1V 2N

Trading Office
9-10 Staple Inn
2nd Floor
London WC1V 7QH

New York

NY Metropolitan Area
2037 Lemoine Ave
Suite 452,
Fort Lee, N.J. 07024, USA

ASSOCIATIONS

Copyright © 2020 Sovy Trust Solutions Limited. All Rights Reserved. Registered in Ireland, No. 610835 and No. 605069