Kebab restaurant – €1,800 Fine (Austria, 2018)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
An Austrian kebab restaurant was fined for using CCTV without proper notice and keeping footage too long. This case shows that even small businesses must follow privacy rules when using surveillance cameras.
What happened
The kebab restaurant used CCTV without providing adequate information and kept the footage longer than necessary.
Who was affected
Customers and employees recorded by the restaurant's surveillance cameras.
What the authority found
The Austrian authority fined the restaurant for not providing sufficient information about CCTV use and for violating data minimization principles by storing footage too long.
Why this matters
This case is a reminder that businesses, regardless of size, must inform people about surveillance and limit data retention. Compliance with privacy laws is crucial to avoid fines.
GDPR Articles Cited
CCTV was unlawfully used. Sufficient information about the video surveillance was missing. In addition, the storage period of 14 days was too long and therefore against the principle of data minimization. Addendum: Fine has been reduced to EUR 1500 by court, see link
Related Enforcement Actions (0)
No other enforcement actions found for Kebab restaurant in AT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
1 January 2018
Authority
Datenschutzbehörde
Fine Amount
€1,800
Enforcement Tracker ID
ETid-2
About this data
Cite as: Cookie Fines. Kebab restaurant - Austria (2018). Retrieved from cookiefines.eu
Last updated: