Skip to main content

GDPR Shot: The “Permanent Record” of employees

The title of Edward Snowden's book “The Permanent Record”, is reminiscent of a recent case of illegal processing of employees' personal data. It concerns a hefty fine of around EUR 35,3 million imposed a few days ago by the Hamburg Personal Data Protection Authority on a large Swedish, multinational clothing retailer. The company illegally carried out an extensive “record keeping” of the private life of many of its employees...

Continue reading

GDPR Shot: “Wild West” in political communication

A plethora of infringements have been uncovered in the field of political communication via spam emails and short text messages (SMS). Compliance with the rules is not strictly adhered to, despite the continuous strengthening of the legal framework for the protection of personal data and the consequent, increased awareness of the citizens. This is inferred from the seven recent decisions published by...

Continue reading

GDPR Shot: Media and Personal Data vol. II

With the 16-9-2019 "GDPR Shot: Media and personal data" the question was expressed about the completeness of article 28 of Law 4624/2019 with the national measures implementing the GDPR. It is recalled that this article regulates in particular the processing of personal data for journalistic purposes, excluding with the second paragraph...

Continue reading

GDPR Shot: “May I as DPO or may I not?”

"To be, or not to be, that is the question". Existential dilemmas of the Hamlet type in the field of personal data protection are posed by a recent announcement of the Greek supervisory authority (HDPA) for the Data Protection Officers (DPOs). According to the relevant press release of January, the representation of a controller is not allowed...

Continue reading

GDPR Shot: “Poisonous” fine for careless pharmacy

On December 20, 2019, the first fine imposed by the United Kingdom Data Protection Authority (ICO) for breaches of the GDPR amounting to 275,000 pounds (approximately 320,000 euros) was announced. The facts which took place in Old Albion teach us the value of keeping personal data in locked containers and taking (self-evident?) measures to protect them from the elements of nature.

Continue reading

GDPR Shot: Heavy fine for personal data’s “graveyard”

A recent decision on October 30, 2019 by the Commissioner for Personal Data Protection of Berlin reveals vividly the danger of accepting the doctrine “keeping everything forever” under the GDPR. This is a practice followed, at least partially, even today in Greece by natural and legal persons, hesitating to adopt and apply reasonable deadlines for the deletion of personal data in relation to the whole range of their activities...

Continue reading

Aimilios Koronaios | Attorney at Law | 2024