GERMANY DPA: Data Protection Authority of Berlin

In order to combat the Covid 19 pandemic, a restaurant had put out an open list in which visitors had to enter their contact data. A restaurant employee obtained first names, last names, and phone numbers of women from the contact lists in order to contact the women privately and ask them about their relationship status, among other things. The DPA determined that the use of personal data from contact lists for infection control documentation outside of contact tracing was unlawful and therefore imposed a fine.

GDPR Articles: Unknown
Industry: Accomodation and Hospitality