«Ιγνατιάδης Νικόλαος και ΣΙΑ Ε.Ε.» – €2,000 Fine (Greece, 2021)

The complainant made a complaint at the Greek DPA for the implementation of a security camera in his work place. The complainant stated that the camera was focused at his office and was used for surveillance purposes and not for security reasons. The company stated that the camera wasn't focused on the employee's office but was watching the all space especially the entrance of the premises. The DPA requested from the company to provide the documentation that could prove that the camera was not focuses on the complainant's office. Was the use of the camera lawful under articles 5 and 6 GDPR? The DPA held that the use of the camera by the Company cannot be justified in the light of the principle of proportionality. The camera was not focused only on the entrance of the premises but instead it was watching as well the employee's offices, violating the principle of data minimization of the GDPR. Additionally the fact that the director of the company was able to watch in real time at any time the images taken form the camera, could not justify the necessity and emergence of having a surveillance camera for security reasons. based on these facts the DPA imposed a fine of 2000€ to the company for violating articles 5(1)(c) and 6(1) GDPR.