Istituto di Istruzione Superiore 'P. Galluppi' Tropea – €4,000 Fine (Italy, 2025)

€4,000Garante per la protezione dei dati personali27 March 2025Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Istituto di Istruzione Superiore 'P. Galluppi' Tropea was fined €4,000 for improperly processing biometric data of its employees to track their work hours. This is significant because it shows that schools and organizations must follow strict rules when handling sensitive data like biometrics. Other institutions should review their data practices to ensure compliance.

What happened

The school processed biometric data of employees without a valid legal basis.

Who was affected

Employees of the Istituto di Istruzione Superiore 'P. Galluppi' Tropea whose biometric data was collected.

What the authority found

The authority found that the school's processing of biometric data violated GDPR principles of lawfulness and transparency.

Why this matters

This ruling emphasizes the need for clear legal grounds when processing sensitive data. Organizations should ensure they have proper justifications for such practices.

GDPR Articles Cited

AI-verified

Art. 6(GDPR)
Art. 9(GDPR)
Art. 5(1)(a) GDPR
View original scraped data
Art. 5(1) a) GDPR
Art. 6(GDPR)
Art. 9(GDPR)

Original data from scraper before AI verification against source document.

Source verified 15 March 2026
articles corrected
amount discrepancy
national law identified
Italy enforcementGarante per la protezione dei dati personali actionsAll Istituto di Istruzione Superiore 'P. Galluppi' Tropea actions
Full Legal Summary
Detailed

The Italian DPA has imposed a fine of EUR 2,500 on the Istituto di Istruzione Superiore 'P. Galluppi' Tropea. The controller processed biometric data of its employees to control their work hours. The processing was designed in a way that, according to the DPA, did not comply with the principles of lawfulness, fairness and transparency and lacked a sufficient legal basis.

Related Enforcement Actions (0)

No other enforcement actions found for Istituto di Istruzione Superiore 'P. Galluppi' Tropea in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

27 March 2025

Authority

Garante per la protezione dei dati personali

Fine Amount

€4,000

Enforcement Tracker ID

ETid-2670

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Istituto di Istruzione Superiore 'P. Galluppi' Tropea - Italy (2025). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: