Subjects
Annual Updates Subcategories
Anti-Bribery & Compliance
Anti-Trust & Competition
Data Protection & Privacy Subcategories
Disputes and Grievances
Employment Law
Employment Status Subcategories
Equality, Diversity and Equal Rights Subcategories
Industrial & Workplace Relations Subcategories
International Mobility Subcategories
Protection of Business Interests Subcategories
Recruitment, Termination of Employment Subcategories
Remuneration Subcategories
Social Security Contributions
Working Hours & Pay Subcategories
Workplace Culture Subcategories
Jurisdictions
Americas Subcategories
APAC Subcategories
Cross Border
EMEA Subcategories
Global

Germany: Dismissal for a breach of GDPR

By - - Data Protection & Privacy, Recruitment, Termination of Employment

In a recent case, a director of a German company was dismissed without notice for violating his duties by forwarding internal company emails containing personal and sensitive company information, to his external private email address. 

The director challenged the validity of the termination without notice.

The Court held:

The termination was valid by reference to the GDPR alone – sending the emails to a private account amounted to unlawful processing of personal data.  The Court regarded this a serious breach of the privacy duty, as the private server did not meet the required security standards.

However, the private storage of the information was not, in this case at least, sufficient to constitute a breach of the director’s legal and contractual confidentiality obligations to the company, because there had been no disclosure to third parties.   

It is critical that employers ensure that employees are fully aware of their obligations under the GDPR, as well as their obligations of confidentiality generally.   

This is high level general update only. Legal advice should be obtained on specific circumstances.
Scroll to Top