Tweet
OK i have a friend who is or was an area manager for Lidl for over 20 years until very recently. He recently took a couple of weeks holiday and passed the company labtop over to a person who would be filling in for him while he was on holiday , I'm assuming that the person taking over his duties would need the works laptop to be able to carry on his workload / duties etc. I'm not exactly 100% sure what information is held on the laptop, or how important it was for the laptop to be passed on, or even if the person taking over his duties would even be able to do the job properly without it. Anyway he got suspended for apparently breaking data protection rules and has now actually been sacked , seems extremely draconian to sack someone for this who has given 20 years service as an area manager. He is coming up to retirement age , and apparently they have done the same thing with a couple of other long standing employees , albeit for different reasons. Surely a company the size of Lidl must have done their homework before sacking him , or could they actually be in the wrong ,
Loading...
-
Tags: None -
You need to be much clearer on the facts,
what information is on the laptop that's breaches data protocols?
what happened on previous periods of holidays?
what protocols have other area managers followed in the same situation?
what does the area managers manual say?
is there a form to be filled in for the handover?
does area manager regional office need to be informed?
has the area manager raised an appeal?
is the area manager in a Union?
Clearly it seems very harsh. From what's been said, the company seems to be doing it before employees retirement.
-
Hello. Now I'm not saying either side is wrong or right, but just hear me out. Any information that refers to an identifiable person or an organisation can (and should) be classed as data. It could be an address, email, phone number, bank details, loyalty card number, pretty much anything. So, considering the level of damage this can cause a company (see below for the level of financial penalties they can face) it's not surprising that companies can get more than a a little twitchy about it.
"The GDPR establishes two tiers of administrative fines that can be imposed for violations: Up to €10 million or 2% of annual global turnover, whichever is higher for less serious infringements. Up to €20 million or 4% of annual global turnover, whichever is higher for more serious infringements."
I'm assuming the laptop has some form of company system on it, and that system has 'data' stored within it. The company (Lidl) has a legal obligation to ensure that all data processed by them is done so in line with GDPR as the 'controller' of the data, and it must have a data protection policy in place that explains this. All employees that are allowed to use this data are known as 'processors' and must be made aware of the data protection rules that the company has in place. This is usually in the form of a procedural sign off, a written statement you sign to say that you've see and understood it.
If the company can say that it reasonably believes that this person knew the rules and knowingly decided to go against them, then the chances are that they will be deem as to have acted in a fair and reasonable manner. This is a very simplified way to explain it, as GDPR is a quite complex piece of legislation. I hope it explains things a little bit though.
Comment
Welcome to LegalBeagles
LegalBeagles is a free forum, founded in May 2007, providing legal guidance and support to consumers and SME's across a range of legal areas.
See more
See less
Comment