Comune di Borgia – €5,000 Fine (Italy, 2022)

€5,000Garante per la protezione dei dati personali15 December 2022Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Italian data protection authority fined the Comune di Borgia EUR 5,000 for improperly using employees' biometric data to track attendance. This matters because it shows that even local governments must respect privacy laws when handling sensitive data. The authority found the use of biometric data was not justified and lacked a legal basis.

What happened

Comune di Borgia used employees' biometric data to track attendance without a valid legal basis.

Who was affected

Employees of Comune di Borgia whose biometric data was used for attendance tracking.

What the authority found

The authority determined that the municipality's use of biometric data was unjustified and lacked a legal basis, violating GDPR rules.

Why this matters

This case highlights the importance of having a valid legal basis for processing sensitive data like biometrics. Local governments and businesses should ensure they comply with privacy laws to avoid penalties.

GDPR Articles Cited

Art. 6 GDPR
Art. 5(1)(a) GDPR
Art. 9(2) GDPR
Art. 37(7) GDPR
Italy enforcementGarante per la protezione dei dati personali actionsAll Comune di Borgia actions
Full Legal Summary
Detailed

The Italian DPA (Garante) imposed a fine of EUR 5,000 on Comune di Borgia. The municipality processed biometric data of employees for the purpose of registering their attendance. Garante found that such processing was not proportionate and therefore constituted an unjustified infringement of the rights of the data subjects. Subsequently, Garante determined that the processing of biometric data had taken place without a legal basis. Also the Garante found that the municipality failed to provide the DPA the contact data of their data protections officer.

Related Enforcement Actions (0)

No other enforcement actions found for Comune di Borgia in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

15 December 2022

Authority

Garante per la protezione dei dati personali

Fine Amount

€5,000

Enforcement Tracker ID

ETid-1634

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Comune di Borgia - Italy (2022). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: