The Greek data protection supervisory authority has apparently imposed a fine of EUR 150,000 on PWC Business Solutions SA (PWC BS) because PWC BS had processed employee data on the basis of consent, i.e. the wrong legal basis. As a result, the processing was both unlawful and – due to the incorrectly stated legal basis – non-transparent. Furthermore, it was not possible to prove compliance with the principles, which violated the accountability principle of Art. 5 (2) GDPR.