Location of Reported GDPR Violation:
Netherlands
Articles Violated:
- Art. 32 GDPR: Did not use multi-factor authentication when accessing the online employer portal; security was inadequate. Employers and health and safety services were able to collect and display health data from employees in an absence system.
Source: enforcementtracker.com