Germany S&D

Jutta Steinruck

Country: Germany
Group: Progressive Alliance of Socialists and Democrats (S&D)
Party: Sozialdemokratische Partei Deutschlands (SPD)

Member of Employment and Social Affairs
Substitute of Budgets

Overview Jutta Steinruck

Amendments: 20
...stronger: 19
...weaker: 1
...neutral: 0

Amendments by Jutta Steinruck

(29a) Workers’ personal data, especially sensitive data such as political orientation and membership of and activities in trade unions, must be protected in accordance with Articles 8, 12 and 28 of the Charter of Fundamental Rights of the European Union and Articles 8 and 11 of the European Convention on Human Rights, and may under no circumstances be used to put workers on so-called ‘blacklists’ to be passed on to other enterprises with the aim of discriminating against particular workers.
1. The processing of personal data, revealing race or ethnic origin, political opinions, religion or beliefs, trade-union membershipmembership of or activity in a trade union, and the processing of genetic data or data concerning health or sex life or criminal convictions or related security measures shall be prohibited.
(b) processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller in the field of employment law , including collective wage agreements, in so far as it is authorised by Union law or Member State law providing for adequate safeguards;
1. The controller and the processor shall designate a at least one data protection officer after obtaining the approval of the representatives of the business's employees in any case where:
(b) the processing is carried out by an enterprise employing 25050 persons or more;
(ba) the collection and processing of data relate to at least 250 data subjects per year;
2. In the case referred to in point (b) of paragraph 1, a group of undertakings may appoint a singlechief data protection officer. provided it is ensured that a data protection officer is easily accessible from each works location, and that there is at least one data protection officer per Member State.
5. The controller or processor shall , after obtaining the approval of the representatives of the business's employees, designate the data protection officer on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices and ability to fulfil the tasks referred to in Article 37. The necessary level of expert knowledge shall be determined in particular according to the data processing carried out and the protection required for the personal data processed by the controller or the processor. The controller or processor shall ensure that the data protection officer has the opportunity for further training and in-service training at their expense.
7. The controller or the processor shall , after obtaining the approval of the representatives of the business's employees, designate a data protection officer for a period of at least two years. The data protection officer may be reappointed for further terms. During their term of office, the data protection officer may only be dismissed, if the data protection officer no longer fulfils the conditions required for the performance of their duties. Notwithstanding the above, the data protection officer shall enjoy special protection against discrimination and dismissal, similar to the protection afforded to employees’ representatives under national law, and may not be disadvantaged for carrying out his duties.
1. Within the limits of 1. In accordance with this Regulation, Member States may adopt by law – by enacting legal provisions – specific rules regulating the processing of employees' personal data in the employment context, in particular , but not exclusively, for the purposes of the recruitmentrecruitment and applications for posts within a group of undertakings, the performance of the contract of employment, including discharge of obligations laid down by law orand by collective agreements, company agreements and wage agreements, management, planning and organisation of work, health and safety at work, and for the purposes of the exercise and enjoyment, on an individual or collective basis, of rights and benefits related to employment, and for the purpose of the termination of the employment relationship. It shall not be permissible to provide a level of protection lower than that afforded by this regulation The right of the Member States to lay down protective provisions on the processing of personal data in the context of employment which are more favourable to employees shall be unaffected. Without prejudice to the other provisions of this regulation, the legal provisions of the Member States referred to in paragraph 1 shall at the minimum include the following minimum standards:
1a. Profiling in connection with employment shall not be permitted.
1b. Workers' personal data, especially sensitive data such as political orientation and membership of and activities in trade unions, may under no circumstances be used to put workers on so-called 'blacklists', and to vet or bar them from future employment. The processing, the use in the employment context, the drawing-up and passing-on of blacklists of employees shall be prohibited. Member States shall conduct checks and adopt adequate sanctions in accordance with Article 79(6) to ensure effective implementation of this paragraph.
1c. Surveillance to monitor the performance of employees shall be prohibited.
1d. Processing of data on employees without the employees’ knowledge shall not be permitted. The private and intimate life of employees shall always be respected.
1e. Open optical electronic surveillance and/or open acoustic electronic surveillance of parts of the business premises which are not accessible to the public and are predominantly used for purposes of an employee’s private life, particularly in sanitary facilities, changing rooms, rooms where breaks are spent and bedrooms, shall not be permitted. Open optical electronic surveillance and/or open acoustic electronic surveillance of publicly accessible parts of the business premises or parts which are not accessible to the public and are not predominantly used for purposes of an employee’s private life, such as entry halls, foyers, offices, workshops or the like, shall be permitted only to the extent that it is absolutely necessary for the safety/security of the employee and of the business. Surveillance of public parts of the business should not include surveillance of the employee in his place of work, except insofar as this is unavoidable. Before surveillance is performed, the employee shall be informed when and for how long the surveillance devices will be operated. Recordings of the surveillance shall be deleted after a short time, at the latest one month after the surveillance has taken place. Secret surveillance shall always be prohibited.
1f. If undertakings collect or process personal data in connection with statutory medical examinations and/or aptitude tests, they must, in advance, inform the applicant or employee of the purpose for which the data are to be used, and subsequently communicate the data to them together with the findings, and explain them. Collection of data for the purpose of genetic testing and analyses shall be prohibited. Collection and processing of personal data as part of medical examinations and/or aptitude tests must be necessary for the protection of health at work and preventive health care with reference to the employment relationship. The employer may not have direct access to the data. Data concerning applicants shall be treated in the same way as data concerning employees. Collection of health data in preparation for dismissal on health grounds shall be prohibited.
1g. Legal provisions may be laid down, particularly by means of collective agreements, stipulating whether and to what extent the telephone, e-mail, Internet and other telecommunications services may also be used for private purposes. Private use may also be permitted by an employment contract. If private use is permitted, processing of traffic data collected with reference to it shall only be permitted for the preservation of data security, to ensure the proper functioning of telecommunications networks and telecommunications services, and to levy charges, after the employee has been informed. Furthermore, the content of private e-mails shall not be analysed.
1h. Collection and processing of information/data concerning employees or applicants via social networks which are not specifically job application portals shall be prohibited.
1i. Data on employees which are inaccurate, whose accuracy is contested by employees or which have been collected by unauthorised means may not be used.
1j. Employees who have refused unauthorised examinations or requests for information or have given false answers to them, or who have objected to unauthorised collection/use of data on employees may not be disadvantaged.