Alex van der Wolk spoke to SC Magazine about the Data Protection Authority of Hamburg’s $41.5 million penalty against Swedish apparel retailer H&M for collecting personal data on its employees at a company service center in Nuremberg, sending a clear message to all businesses that privacy guidelines under the GDPR extend to their own workforce.
“Companies are often focused on customer data, more so than employee data processing,” Alex said. “This has everything to do with the fact that employee data processing has traditionally been straightforward – focused on compensation, HR administration.”
He added that German Data Protection Authorities have had a tendency “to issue high fines in recent years” in an attempt to crack down on irresponsible data collection and management.
Read the full article.