Enforcement
EN Restaurant owner: Non-compliance with general data processing principles
€600 fine - Spanish Data Protection Authority (aepd)
Content
The Spanish DPA (AEPD) has imposed a fine of EUR 600 on a restaurant owner. The controller had installed video surveillance cameras which, among other things, also covered the public space. The DPA considered this to be a violation of the principle of data minimization. In addition, the controller did not comply with its duty to properly inform about the CCTV.
GDPR Articles: Art. 5 (1) c) GDPR, Art. 13 GDPR
Industry: Accomodation and Hospitality