A total of 41 fines have reportedly been issued for GDPR violations across the various German states.

Violations included:

  • A clinic accidentally handed over a copy of a severely handicapped person’s ID card to the wrong patient.
  • Bank customers were able to see the bank statements of third parties in online banking.
  • Web shop customer data was copied without authorization following a hacker attack.
  • A hotel could not rule out that by an extortionate hacker attack, credit card or other customer data from its booking system fell into the wrong hands.
  • In a fire department of the country Bremen all phone calls were recorded, not only the emergency calls, but all outgoing and incoming calls.
  • Advertising mails, Dashcam use as well as open E-Mail distributors were the subjects of fines.

Details from Handelsblatt.