Supermarket – €50,000 Fine (Germany, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A supermarket in Germany was fined €50,000 for posting a list of employees' sick days in a break room. This list was visible to others, including suppliers, which violated privacy rules. The case highlights the importance of keeping employee health information confidential.
What happened
The supermarket displayed a list of employees' sickness-related absences in a break room for four weeks.
Who was affected
Employees whose sickness-related absences were listed and visible to others, including suppliers.
What the authority found
The data protection authority found that the supermarket violated GDPR by not having a valid legal basis to display personal health information.
Why this matters
This case underscores the need for businesses to protect employee privacy, especially regarding sensitive health information. It serves as a reminder that even internal displays of personal data can lead to significant fines if not properly managed.
GDPR Articles Cited
The DPA of Brandenburg has imposed a five-figure fine on a company. The controller had posted a list of employees' sickness-related absences for the year 2022 in the employee break room. The list contained details of the days on which they were absent from work due to their own illness or the illness of their child. The table was displayed for four weeks and in some cases third parties such as suppliers also had access to the list.
Related Enforcement Actions (1)
Other enforcement actions involving Supermarket in DE
Details
Fine Date
1 January 2023
Authority
Bundesbeauftragter für den Datenschutz
Fine Amount
€50,000
Enforcement Tracker ID
ETid-2299
About this data
Cite as: Cookie Fines. Supermarket - Germany (2023). Retrieved from cookiefines.eu
Last updated: