H&M's privacy violations included extensive staff surveys, with details of holidays, medical symptoms and diagnoses for illnesses, the year-long investigation by the Data Protection Authority of Hamburg (HmbBfDI) found. Some managers also sought further private details in informal chats, including family issues or religious beliefs, which were then stored and used to evaluate work performance and make employment decisions. "This is a case that showed a gross disregard" of data-protection rules in Germany, HmbBfDI head Johannes Caspar said. The large fine was "justified and should help to scare off companies from violating people's privacy", he added.
https://media.mstdn.social/media_attachments/files/111/278/911/673/504/816/original/f1b17e466d8ed53c.jpeg