H&M stored sensitive data about employees - must pay 367 million

The regional data protection authority in Hamburg has fined H&M a fine of SEK 367 million for unauthorized data storage of personal information about its employees, reports Nyhetsbyrån Direkt according to DI.

The message came on Wednesday after the case has been investigated during the year.

It was in February earlier this year that it was revealed that H&M had mapped and stored sensitive personal data about its employees' privacy.

The information must have been available to a wider circle of managers within the company.

The Director General of the Data Inspectorate in Hamburg, Johannes Caspar, then told SVT Nyheter that H&M "systematically and in detail" stored information about employees' health conditions, which included everything from cancer to urine leakage.

Details such as quarrels in the family, holiday experiences and information about friends and pets must also have been mapped.

Take the matter seriously

The clothing giant has made an official statement stating that they take the matter seriously and that they were the ones who reported the incident.

The personal data incident must have occurred at a service center in Nuremberg, which H&M themselves reported in October 2019.

In its interim report, where the amount has been reserved, the company now writes that the H&M group "admits that mistakes have been made at the service center and strong measures have been taken to correct what happened", the company writes in its interim report.