Unknown Company – €2,860 Fine (Hungary, 2019)

€2,860Nemzeti Adatvédelmi és Információszabadság Hatóság15 October 2019Hungary
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

An unknown company in Hungary was fined for accessing an employee's work devices and emails without proper notice while the employee was on sick leave. This case highlights the importance of transparency and proper procedures in employee monitoring. Employers should have clear policies and notify employees about monitoring practices.

What happened

An employer accessed an employee's work devices and emails without prior notification while the employee was on sick leave.

Who was affected

The affected party was an employee whose work devices and emails were accessed without consent.

What the authority found

The Hungarian authority ruled that the employer violated GDPR by not notifying the employee and failing to have proper monitoring policies in place.

Why this matters

This case emphasizes the need for employers to have clear, documented policies on employee monitoring and to ensure transparency with their staff. It highlights the importance of balancing business needs with employee privacy rights.

GDPR Articles Cited

Art. 5 GDPR
Art. 6 GDPR
Art. 13 GDPR
Art. 24 GDPR
Art. 25 GDPR
Hungary enforcementNemzeti Adatvédelmi és Információszabadság Hatóság actionsAll Unknown Company actions
Full Legal Summary
Detailed

An employee was on sick leave when his employer checked his desktop, laptop and emails to ensure that his work-related duties were being covered in his absence. The employer then suspended his account. The employee did not receive pre-notification and did not have the chance to copy / delete his private information (telephone numbers, messages). According to NAIH, employers must record the access with minutes and photos. Employment agreements must regulate whether employees can use work equipment for private purposes. Privacy notices must contain the reasons for employee monitoring (e.g. business continuity, internal investigation, disciplinary purposes, and the specific retention period of employee data - including the length and recurrence of backup copies. Employers must also prepare ”balancing tests” to prove their legitimate interests for general employee monitoring and specific cases.

Related Enforcement Actions (2)

Other enforcement actions involving Unknown Company in HU

Current
Oct 2019

Fine

€3K

Fine
Dec 2019· Nemzeti Adatvédelmi és Információszabadság Hatóság

The employer restored the mailbox of a director who had left the company a year before and found an email containing a work-related document. The dire...

€1K
Fine
Mar 2020· Nemzeti Adatvédelmi és Információszabadság Hatóság

The data controller has not complied with its obligation regarding the right of access to video recordings and was also unable to demonstrate that his...

€6K

Details

Fine Date

15 October 2019

Authority

Nemzeti Adatvédelmi és Információszabadság Hatóság

Fine Amount

€2,860

Enforcement Tracker ID

ETid-259

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Unknown Company - Hungary (2019). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: