Spanish DPA dings retailer Uniqlo $294K over GDPR violations
By 
Jeff Dale2024-08-19T19:25:00
Spain’s data protection authority (DPA) fined retailer Uniqlo Europe 270,000 euros (U.S. $294,000) over admitted violations of the European Union’s General Data Protection Regulation (GDPR).
The misconduct stemmed from a human resources representative at the Spanish branch of Uniqulo erroneously sending payroll information of nearly 450 current and former employees to a single employee who was requesting a copy of their paystub, the Agencia Española de Protección de Datos said in its penalty notice, dated Aug. 12.
The Spanish DPA assessed a 20 percent discount on the penalty after the company admitted its violations, with an original penalty of 360,000 euros (U.S. $394,000). The company ultimately violated Articles 5, 32, and 83 of the GDPR.
Related articles
-
News BriefLithuanian DPA orders Vinted to pay $2.6M over GDPR violations
The data protection authority of Lithuania levied a fine of 2.4 million euros (U.S. $2.6 million) against Vinted UAB, an online clothing trading and exchange platform, for alleged violations of the European Union’s General Data Protection Regulation.
-
News BriefCzech DPA fines Avast $15M over GDPR violations
The Czech Republic’s data protection authority issued a fine of 351 million Czech koruna (U.S. $15 million) against antivirus software vendor Avast for alleged violations of the General Data Protection Regulation.
-
News BriefItalian DPA fines UniCredit $3M over data breach GDPR lapses
The Italian data protection authority announced a fine of €2.8 million (U.S. $3 million) against UniCredit for alleged violations of the General Data Protection Regulation regarding insufficient security measures the bank had in place during a cyberattack.
More from Regulatory Enforcement
-
ArticleFormer startup CEO gets 7 years in prison for $175M fraud against JPMorgan Chase
Charlie Javice, a former CEO who duped JPMorgan Chase into purchasing her start up company for $175 million, has been ordered to forfeit more than $22 million by the Department of Justice (DOJ) and to spend 7 years in jail.
-
ArticleGeorgia Tech to pay $875,000 for allegations brought by compliance officers
Georgia Tech Research Corp. (GTRC) has agreed to pay $875,000 to settle allegations first raised by two compliance officers that its cybersecurity protocols violated acceptable standards for defense contractors, the Department of Justice (DOJ) said.
-
ArticleTractor Supply Company hit with $1.35M fine for alleged California privacy violations
Tractor Supply Company has agreed to get into compliance with California’s consumer privacy law and to pay a $1.35 million fine—the largest yet by California—to settle allegations it violated the privacy rights of customers and job applicants.