Details:
| Summary | The Spanish DPA (AEPD) has imposed a fine of EUR 3,000 on a hotel operator. The controller had installed video surveillance cameras which, among other things, also covered the public space and parts of the hotels pool area. The DPA considered this to be a violation of the principle of data minimization. In addition, the controller did not comply with its duty to properly inform about the CCTV. |
| Link: | link |
| Related articles: | Art. 5 (1) c) GDPR, Art. 13 GDPR |
| Type: | Non-compliance with general data processing principles |
| Fine: | EUR 3,000 |
| Sector | Accomodation and Hospitalty |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/