Data Protection Academy » Data Protection News » Investigation by the Greek supervisory authority
Investigation by the Greek supervisory authority
Date: 14.01.2020
Responsible body: ALLSEAS MARINE S.A.
Nature of the data protection breach: Greece Video surveillance
The Greek supervisory authority is currently investigating the employer's access to and inspection of an employee's e-mails on a company server. It suspects that a video surveillance system has also been illegally installed and put into operation.
Access and view an employee's e-mails
The investigation is a response to a complaint concerning the lawfulness of the processing of personal data on a server of "ALLSEAS MARINE S.A." and the lawfulness of access to and inspection of deleted e-mails of a senior executive. The latter was suspected of having committed unlawful acts against the interests of the company.
The competent authority found that the company, as controller, complied with the requirements of the GDPR had fulfilled. Internal company regulations have included a prohibition on the use of electronic communications and the company's networks for private purposes. Employees were made aware of the possibility of conducting internal inspections.
The company therefore had to be notified in accordance with Article 5, first paragraph and the Article 6(1)(f) the GDPR the right to conduct an internal investigation and to search or restore employees' e-mails.
Video surveillance is a violation of the DSGVO
However, the supervisory authority found that a video surveillance system had been illegally installed and operated. The recorded material submitted is to be classified as unlawful. The company also prohibited the employee concerned from having access to his personal data on his company PC.
As a result, the following corrective measures were imposed on the company:
- Grant the right to access and obtain information about his personal data stored on the company's computer
- Ensure within one month that the processing operations carried out by means of his video-surveillance system comply with the provisions of the GDPR correspond to
An effective, proportionate and dissuasive administrative fine of EUR 15 000 is imposed on the company. The reason for the data protection fine is the illegal installation and operation of a video surveillance system.
Country: Greece
Fines: 15,000 euros
- Internal control system - 10 September 2024
- TISAX requirements: Prepare certification step by step - 8 January 2024
- Audit management: Implementing audits more efficiently - 26 October 2023
This might interest you too:
https://media.robin-data.io/2022/05/23150359/Header-Bussgeld.jpg
343
685
Caroline Schwabe
https://media.robin-data.io/2022/07/05140916/Robin-Data_ComplianceOS_white_logo.png
Caroline Schwabe2020-09-15 10:20:472022-06-01 14:16:20Examples of GDPR fines: what happens in data protection
https://media.robin-data.io/2022/05/23150359/Header-Bussgeld.jpg
343
685
Caroline Schwabe
https://media.robin-data.io/2022/07/05140916/Robin-Data_ComplianceOS_white_logo.png
Caroline Schwabe2020-02-18 15:55:522023-08-03 07:36:35Data protection fine imposed on the Municipality of Oslo Education Authority
https://media.robin-data.io/2022/05/23150359/Header-Bussgeld.jpg
343
685
Nadine Porrmann
https://media.robin-data.io/2022/07/05140916/Robin-Data_ComplianceOS_white_logo.png
Nadine Porrmann2019-12-19 14:31:162022-09-21 09:10:33Data protection fine Swedish company
