Spanish DPA dings retailer Uniqlo $294K over GDPR violations
By Jeff Dale2024-08-19T19:25:00
Spain’s data protection authority (DPA) fined retailer Uniqlo Europe 270,000 euros (U.S. $294,000) over admitted violations of the European Union’s General Data Protection Regulation (GDPR).
The misconduct stemmed from a human resources representative at the Spanish branch of Uniqulo erroneously sending payroll information of nearly 450 current and former employees to a single employee who was requesting a copy of their paystub, the Agencia Española de Protección de Datos said in its penalty notice, dated Aug. 12.
The Spanish DPA assessed a 20 percent discount on the penalty after the company admitted its violations, with an original penalty of 360,000 euros (U.S. $394,000). The company ultimately violated Articles 5, 32, and 83 of the GDPR.