Current Issues
Administrative fine imposed on higher education institution for data protection violations connected to processing of location data recorded as part of working hours monitoring
The Office of the Data Protection Ombudsman's sanctions board imposed an administrative fine on a university of applied sciences for processing employee location data in violation of data protection legislation. The controller processed location data of its employees unnecessarily and without legal grounds using a mobile application intended for recording working hours. The Deputy Data Protection Ombudsman also ordered the controller to end the processing of location data.
Show moreOffice of the Data Protection Ombudsman makes first decision as lead supervisory authority in a cross-border case – right of access implementation did not comply with data protection rules
The Data Protection Ombudsman has ordered Nissan Nordic Europe Plc to correct its practices regarding the data subject's right of access to data. The controller did not provide information to a customer who had requested access to their personal data within the deadline set by the General Data Protection Regulation (GDPR). This is the first ruling by the Data Protection Ombudsman in a cross-border case involving the processing of personal data of data subjects residing in several EU countries.
Show more