Sovy recognised by KuppingerCole Independent Analysts More Info
  • Home
  • |
  • Log In
  • |
  • Contact
  • |
  • 0
Sovy
  • Products
    • Sovy GDPR Privacy Essentials℠
    • Sovy Academy℠
    • Sovy Advisory Services
    • All Products
    • Free GDPR Scan
    • Free GDPR Readiness Survey
  • Resources
    • Free GDPR Scan
    • Free GDPR Readiness Survey
    • Knowledge Portal
    • Data Privacy News
  • Pricing
  • About Sovy
    • Mission
    • Team
    • Investor Relations
    • Partnerships
    • Contact Us
  • Products
    • Sovy GDPR Privacy Essentials℠
    • Sovy Academy℠
    • Sovy Advisory Services
    • All Products
    • Free GDPR Scan
    • Free GDPR Readiness Survey
  • Resources
    • Free GDPR Scan
    • Free GDPR Readiness Survey
    • Knowledge Portal
    • Data Privacy News
  • Pricing
  • About Sovy
    • Mission
    • Team
    • Investor Relations
    • Partnerships
    • Contact Us

Data Privacy News

October 5, 2020

Swedish Giant H&M Fined With Over €30 Million By GDRP For Unlawfully Storing And Collecting Personal Data Of Their Employees

The Swedish clothing company H&M (Hennes & Mauritz) has been fined €35.5 million by the German Data Protection Authority on the 1st of October 2020, after a data leak from a service center from Nuremberg Germany, which revealed the illegal collection of personal data of the employees by the managers.

The monitoring activity targeted several hundred employees at the service center. Since 2014, H&M managers have been gathering information related to employees’ privacy, such as medical diagnoses, family issues and religious beliefs.

The collected data was digitally recorded and stored in a system that could be accessed by 50 managers from across the company.

Prof. Dr. Johannes Caspar, Hamburg’s Commissioner for Data Protection and Freedom of Information, comments: “This case documents a serious disregard for employee data protection at the H&M site in Nuremberg. The amount of the fine imposed is therefore adequate and effective to deter companies from violating the privacy of their employees.

 

H&M admitted that there was deficiencies in the service center, claiming that they took measures to correct this situations. The company apologized to the affected employees which have been compensated as well. Moreover it implemented a data protection program for the service center in Nuremberg.

The fine applied to the Swedish Group is the largest announced so far in Germany on violating the GDPR regulations. Germany represents the main market for Hennes & Mauritz, founded in 1947 in Vasterls, Sweden.

 

Need help?

Sovy’s GDPR Essentials can help you with each of the steps laid out above:

  • Walk through a data mapping exercise and build your data inventory.
  • Build all the policies you need under the GDPR, including a privacy policy, data protection policy, and data breach response forms.
  • Train your employees with industry-standard eLearning courses.
  • Maintain your compliance program in the cloud
  • Manage cookie consent and data rights

Find out how the Sovy GDPR Privacy Essentials can help you. Get in touch to find out more information.

 

Source:  https://edpb.europa.eu/news/national-news/2020/hamburg-commissioner-fines-hm-353-million-euro-data-protection-violations_en

data breach data privacy data protection fines GDPR H&M
Previous StoryEarly Enforcement For the LGPD, the National Data Protection Law in Brazil
Next StoryThe UK’s Department for Education Does Not Comply With GDPR Data Protection Rules

SEARCH

CATEGORIES

  • 2020 (11)
  • CCPA (5)
  • Charities (1)
  • Coronavirus (3)
  • COVID-19 (3)
  • Events (1)
  • GDPR (49)
  • Google (1)
  • New Bytes (32)
  • News & Blog (46)
  • Opinions (23)
  • Workplace Conduct (1)

TAG CLOUD

2020 Brexit Business CCPA Charities China CJEU CNIL cookies coronavirus COVID-19 cybersecurity data breach data privacy data protection DfE DPC EDPB EU Facebook fine fines GDPR Google H&M IAPP ICO LGDP LGPD LIBE mark zuckerberg Marriot marriott Microsoft online education oracle PIPEDA privacy shield salesforce Schrems II Uber UK US vodafone italy

ARCHIVES

  • January 2021 (2)
  • December 2020 (4)
  • November 2020 (4)
  • October 2020 (4)
  • September 2020 (1)
  • August 2020 (1)
  • July 2020 (2)
  • June 2020 (3)
  • May 2020 (2)
  • April 2020 (2)
  • March 2020 (1)
  • February 2020 (1)
  • January 2020 (3)
  • December 2019 (3)
  • November 2019 (1)
  • July 2019 (3)
  • May 2019 (3)
  • March 2019 (2)
  • January 2019 (3)
  • December 2018 (3)
  • November 2018 (2)
  • September 2018 (1)
  • July 2018 (1)
  • June 2018 (2)

LATEST POSTS

  • GDPR at the End of 2020
  • The European Data Protection Board launches a series of recommendations following the CJEU’s decision C-311/18 (Schrems II)
  • CNIL fines Google LLC and Google Ireland with a total of €100 million for Using Cookies illegally
  • GDPR Fines and Penalties
  • Is The GDPR Good For Business?

QUICK LINKS

  • About Us
  • Resources
  • Privacy Policy
  • Terms
  • Manage Consent
  • Contact Us

Sovy GDPR Privacy Essentials

  • Subscription Benefits
  • Pricing
  • Log in
  • GDPR for Small Businesses
  • GDPR for Enterprises
  • GDPR for Sole Traders
  • GDPR for Charities

SOVY LOCATIONS

Ireland HQ

Registered Office
St Gall's House
St Gall Gardens South
Milltown, Dublin 14
D14 Y882

Trading Office
Meath Enterprise Centre
Trim road, Navan
Co. Meath, C15 TKX6
Ph: +353 (0)1 669-4774

Brussels

Rond-Point Schuman 11
1040 Brussels
Belgium

London

Registered Office
Kemp House
152-160 City Road
London EC1V 2N

Trading Office
9-10 Staple Inn
2nd Floor
London WC1V 7QH

New York

NY Metropolitan Area
2037 Lemoine Ave
Suite 452,
Fort Lee, N.J. 07024, USA

ASSOCIATIONS

Copyright © 2020 Sovy Trust Solutions Limited. All Rights Reserved. Registered in Ireland, No. 610835 and No. 605069