Nimbus s.r.l. – €5,000 Fine (Italy, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Nimbus s.r.l. was fined for introducing a biometric attendance system without informing employees or getting their consent. The Italian data protection authority found that this violated privacy rules. Companies must ensure they communicate clearly and obtain consent before using biometric data.
What happened
Nimbus was fined EUR 5,000 for implementing a biometric attendance system without proper employee notification and consent.
Who was affected
Employees at Nimbus who were affected by the biometric attendance system.
What the authority found
The authority determined that Nimbus failed to adequately inform employees and obtain necessary consent for processing their biometric data.
Why this matters
This case emphasizes the need for companies to prioritize transparency and consent when using biometric systems. It sets a precedent for how businesses should handle sensitive employee data.
GDPR Articles Cited
The Italian DPA has imposed a fine of EUR 5,000 on Nimbus s.r.l.. The controller had introduced a biometric attendance system at the workplace without adequately informing the employees and obtaining their consent.
Related Enforcement Actions (0)
No other enforcement actions found for Nimbus s.r.l. in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
14 September 2023
Authority
Garante per la protezione dei dati personali
Fine Amount
€5,000
Enforcement Tracker ID
ETid-2111
About this data
Cite as: Cookie Fines. Nimbus s.r.l. - Italy (2023). Retrieved from cookiefines.eu
Last updated: