Kymen Vesi Oy – €16,000 Fine (Finland, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Kymen Vesi Oy was fined €16,000 for not conducting a data protection impact assessment (DPIA) when processing employee location data. This case emphasizes the need for businesses to assess privacy risks when using systems that track employee locations.
What happened
Kymen Vesi Oy failed to conduct a data protection impact assessment for processing employee location data.
Who was affected
Employees whose location data was processed by Kymen Vesi Oy without a proper privacy risk assessment.
What the authority found
The authority found that Kymen Vesi Oy violated GDPR by not performing a required data protection impact assessment for processing location data.
Why this matters
This case serves as a reminder for companies to conduct DPIAs when implementing systems that track employee data. It highlights the importance of assessing privacy risks to comply with GDPR.
GDPR Articles Cited
Fine for failure to carry out a data protection impact assessment ('DPIA') for the processing of location data of employees with a vehicle information system
Related Enforcement Actions (0)
No other enforcement actions found for Kymen Vesi Oy in FI
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
22 May 2020
Authority
Tietosuojavaltuutetun toimisto
Fine Amount
€16,000
Enforcement Tracker ID
ETid-280
About this data
Cite as: Cookie Fines. Kymen Vesi Oy - Finland (2020). Retrieved from cookiefines.eu
Last updated: