Details:
| Summary | The DPA from Luxembourg (CNPD) has imposed a fine of EUR 1,900 on a company. The controller had installed a video surveillance system to protect the company’s assets and prevent entry by unauthorized persons. However, the cameras also excessively captured parts of the public space. The DPA finds that the controller thus violated the principle of data minimization under Article 5 (1) c) GDPR. In addition, the DPA finds that the controller stored the recordings longer than legally permitted and thus violated Art. 5 (1) e) GDPR. |
| Link: | link |
| Related articles: | Art. 5 (1) c), e) GDPR |
| Type: | Non-compliance with general data processing principles |
| Fine: | EUR 1,900 |
| Sector | Not assigned |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/