6 August 2019
On 30 July 2019, the Greek Data Protection Authority (the "Greek DPA") issued a fine of €150,000 against PwC as a result of breaching of the GDPR rules in processing personal data of its employees
The Greek DPA initiated an investigation regarding the processing of personal data by PwC following a complaint submitted against the company.
From the public information it appears that the investigation was limited to the processing of personal data of PwC's employees, with a focus on the legal basis used to legitimate the data processing operations.
Following the investigation, the Greek DPA gave PwC 3 months to comply with a series of corrective measures as to bring the processing operations of its employees’ personal data to compliance with the provisions of the GDPR and also applied a €150,000 fine as a sanctioning measure.