Data privacy matters — H&M Germany fined for €35.2 million for GDPR violations
A retail giant, H&M Germany, was given a €35.2 million fine by The Data Protection Authority of Hamburg for violating the EU’s General Data Protection Regulation by excessive monitoring of employees’ private lives in the Nuremberg branch. Certain supervisors abused their powers by questioning their employees about their beliefs and family life. Such information was used to decide on their employment, which the court saw as a serious violation of employees’ civil rights. The entire database with information on employees’ private life was discovered because of a configuration error, and the company has decided to cooperate with authorities to ensure, taking full responsibility for the unjust practices in Nuremberg.