🇪🇸 Privacy: Data disclosed by mistake

Retention & Minimisation, Confidentiality & Security | 26/03/2025

🇪🇸 🔍 Error: HR Data Displayed on a Company Bulletin Board!

Source: PS 00467-2023
€70,000 Fine by the AEPD

During union elections, the company INTERURBANA DE AUTOBUSES mistakenly displayed employees' personal data on a bulletin board instead of the electoral register.

📌 Facts

📢 An employee filed a complaint with the AEPD against their employer for disclosing personal data.
🔎 Published information: name, surname, seniority date, date of birth, gender, postal address, etc.
👀 Data accessibility:

·       Visible to employees but also from outside through a window.

·       Risk of third-party consultation.

⚠️ The company acknowledged an HR department error, which disclosed a complete employee register instead of a simple electoral list. However, it disputes the accessibility of the data from outside.

🚨 Identified Violations

1️⃣ Violation of the principle of data minimization (Article 5.1.c of the GDPR)

·       Unnecessary disclosure of personal information.

·       🛑 The AEPD emphasizes that even if only two addresses were disclosed, a single case is enough to constitute an infraction.

2️⃣ Uncontrolled data accessibility

·       👁️ The data could be viewed by multiple individuals, including third parties.

·       🛠️ Lack of technical and organizational measures to prevent this exposure.

3️⃣ Lack of diligence in personal data management

·       🔐 Failure to implement measures ensuring data security and confidentiality.

·       📜 Violation of Article 5.2 of the GDPR regarding proactive responsibility.

⚖️ Consequences and Sanctions

💰 Fine: €70,000 for non-compliance with the data minimization principle.
📌 Obligation to comply: INTERURBANA DE AUTOBUSES must implement corrective measures within 6 months, or face further sanctions.

📢 Conclusion

This case highlights that companies must be vigilant in handling and displaying personal data.
Even an administrative error can lead to severe penalties in case of GDPR non-compliance. Implementing proper data protection measures is crucial to avoiding such situations.
