GLOBAL SALES SOLUTIONS LINE SLU – Court Ruling (Spain, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Spanish court ruled that a company violated privacy rules by asking employees for personal emails instead of providing corporate ones. This matters because it highlights the responsibility of companies to supply necessary tools for remote work. The court emphasized that using personal emails for work without providing alternatives breaches privacy principles.
What happened
The company required employees to use personal emails for work communication instead of providing corporate emails.
Who was affected
Employees working remotely who were asked to use their personal emails for work-related communication.
What the authority found
The court decided that the company violated privacy rules by not providing corporate emails, breaching the data minimization principle under GDPR.
Why this matters
This ruling underscores the importance of companies providing necessary tools for remote work and respecting employee privacy. It sets a precedent for businesses to avoid using personal contact information for work purposes without offering alternatives.
GDPR Articles Cited
The Labour Chamber of the Spanish National High Court dealt with an appeal from a case in which a trade union sued a company for not providing their workers a corporate email and asking for a personal email instead (among other things). The workers were working remotely since the COVID-19 pandemic, and the company demanded their private emails in order to be able to communicate with the workers for diverse matters such as holidays requests, leaves, etc. This was established by a clause in their contracts. The company had also previously agreed to provide corporate emails to the workers. Additionally, the company had suffered a data breach in which their employees' private emails had been compromised. Upon this, the trade union had also asked the company to provide the list of such emails so they could communicate with the workers. The company replied that they would not provide the workers' emails without their consent. Given these facts, the Court first remarks that the law obliges the employer to provide their workers every means necessary to achieve develop their professional activity. In this regard, also, the law regulating remote work, passed in 2020, establishes that in any case, companies shall be obliged to provide the means, equipment, tools and consumables required for the development of remote work. Additionally, the Court highlights that the Court's case law has already established that demanding workers to provide their personal email or phone is a violation of GDPR, since, should they be necessary for the development of the workers' activity, they should hence be provided by the company. Therefore, the company would have breach the data minimisation principle from Article 5(1)(c) GDPR. With regard to the union's demand to provide a list of the workers' emails, the Court stated that, also according to the Court's case law, providing such list does not require consent since it is necessary for the development of the purposes of the right (and freedo
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for GLOBAL SALES SOLUTIONS LINE SLU in ES
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. GLOBAL SALES SOLUTIONS LINE SLU - Spain (2022). Retrieved from cookiefines.eu
Last updated: