A German subsidiary of H&M was fined over €35 million ($41.3 million) for violation of the GDPR in the use of its employees’ data. It was found that since 2014, H&M had been processing a considerable amount of data about its employees’ persona life (such as holiday experiences, family issues, religious beliefs, and illness and diagnoses) which was then was used to evaluate employees’ performance and to develop profiles to make decisions on employment.
This is the biggest fine for mishandling of employees’ data in Europe.
For more information Francesca Giannoni-Crystal