

Sections
Highlight
Spanish data protection authorities have fined a company 5,000 euros for sending an email to clients of an employee telling them "he had stopped providing services because he had been dismissed for disciplinary reasons due to professional malpractice".
Initially, the Spanish Data Protection Agency (AEPD) sent this complaint to the company so it could investigate it and inform it within one month of the actions taken to adapt to the requirements set out in the data protection regulations.
The case was taken up by the person in charge of the business and on 10 December 2021 he responded by pointing out, among other issues, he had communicated the name, first surname and corporate email address of the worker to the clients to whom he had been providing his services as an employee and that this communication "was made in the legitimate interest of both the entity complained of and the clients of said entity, to whom the claimant provided tax advice".
On 13 November 2021, the employee's claim was accepted for processing. On 8 January 2024, it was agreed to initiate proceedings against the company.
In its ruling the AEPD claimed more information was divulged than was necessary and "it is not justifiable" to communicate the cause for which the worker has been dismissed. The AEPD considered the reasons why an employee is dismissed as a "private matter that only concerns both parties involved and not third parties".
The AEPD said according to the response provided by the company, it acknowledged the cause of termination had been communicated to clients, but did not indicate a willingness to adopt measures to ensure it does not happen again.
The company must pay a 5,000-euro fine, which can be reduced to 3,000 for prompt payment.
Publicidad
Publicidad
Publicidad
Publicidad
Esta funcionalidad es exclusiva para registrados.
Reporta un error en esta noticia
Comentar es una ventaja exclusiva para registrados
¿Ya eres registrado?
Inicia sesiónNecesitas ser suscriptor para poder votar.