- Employer in Greece fined €150,000 for relying on consent to process data under GDPR
- What are the practical implications of this decision?
- What is the relevant background?
- Background law
- Background facts
- What did the Hellenic Data Protection Authority decide?
Employment analysis: The Hellenic Data Protection Authority has imposed a fine of €150,000 on an employer in Greece, on the basis (a) it had unlawfully processed employee personal data, since consent was an inappropriate legal basis for processing, (b) it had processed the personal data in an unfair and transparent manner, by giving the false impression it was relying on consent, and (c) it was not able to demonstrate compliance, and had violated the principle of accountability by transferring the burden of proof of compliance to the data subjects.
Sign in or take a trial to read the full analysis.
To continue reading this news article, as well as thousands of others like it, sign in to LexisPSL or register for a free trial