Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Italy: Garante fines Shardana Working €20,000 for unlawful handling of employees' DSAR
On October 10, 2023, the Italian data protection authority (Garante) announced in its newsletter its Decision No. 403 in which it fined Shardana Working Soc. Coop. a r.l. €20,000, for violations of the General Data Protection Regulation (GDPR), following a complaint by three individuals employed by the company.
Background to the decision
The Garante stated that the three employees had requested Shardana Working to access the data collected through the smartphones provided by the company to its employees on which a geolocation system had been installed and that Shardana Working had failed to respond to the access requests.
Findings of the Garante
The Garante determined that Shardana Working had failed to provide a suitable response, despite the clarity and analytical nature of the requests. The Garante also found that Shardana Working had not adequately informed the employees of the data processed through the GPS installed on their smartphones. In this regard, the Garante highlighted that even if Shardana Working deemed that it could not fully respond to the employees' requests, it should have at least indicated the specific reasons why it could not comply with the access requests.
As such, the Garante found Shardana Working in breach of Articles 12 and 15 of the GDPR.
Outcomes
As a result, the Garante fined Shardana Working €20,000 and ordered the same to provide the complainants with the data related to the specific geographical readings/coordinates made with the smartphone GPS and all the information related to the processing requested.
You can read the newsletter here and the decision here, both only available in Italian.