DAVISER SERVICIOS, S.L. – €20,000 Fine (Spain, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Spanish DPA fined DAVISER SERVICIOS, S.L. €20,000 for using fingerprint scans to control room access. The company could have used less intrusive methods like key cards, violating the GDPR's data minimization principle.
What happened
DAVISER SERVICIOS, S.L. processed employee fingerprints for room access without considering less intrusive options.
Who was affected
Employees whose fingerprints were collected for accessing certain rooms.
What the authority found
The Spanish DPA found that the company violated the GDPR's data minimization principle by using unnecessary biometric data.
Why this matters
This case underscores the importance of using the least intrusive method for data collection. Businesses should evaluate whether they truly need sensitive data like biometrics for their operations.
GDPR Articles Cited
The Spanish DPA (AEPD) has imposed a fine of EUR 20,000 on DAVISER SERVICIOS, S.L.. The company had been processing biometric data (fingerprints) of employees for access to certain rooms, although less intrusive means (such as key cards) could have been used to protect the privacy of the data subjects. The AEPD found that the controller had violated the principle of data minimization.
Related Enforcement Actions (0)
No other enforcement actions found for DAVISER SERVICIOS, S.L. in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
30 November 2021
Authority
Agencia Española de Protección de Datos
Fine Amount
€20,000
Enforcement Tracker ID
ETid-925
About this data
Cite as: Cookie Fines. DAVISER SERVICIOS, S.L. - Spain (2021). Retrieved from cookiefines.eu
Last updated: