GPS in company cars: the line between control and GDPR violation
Table of Contents
GPS in company cars: a control tool or a trap?
Have you ever thought that the GPS on your company car could be used to spy on you? It's not fantasy: in Italy, many employers install geolocation devices without respecting GDPR rules. The result? Heavy fines and privacy violations.
But all is not lost. In this article, we explain when control becomes illegal and how to defend yourself.
When does GPS violate GDPR?
The General Data Protection Regulation (GDPR) is clear: geolocation data is personal data. To use it, the employer must have a valid legal basis. Usually, legitimate interest or consent is invoked. But be careful: consent is never free in an employment relationship.
According to the Italian Data Protection Authority, GPS can only be used for specific purposes, such as worker safety or fleet management. Never to monitor breaks or personal routes.
Featured Snippet Bait: Is GPS in a company car always legal?
No, not always. GPS is legal only if the employer informs the worker transparently, respects the principle of proportionality, and obtains a valid legal basis (e.g., legitimate interest). Otherwise, it constitutes a GDPR violation, with penalties up to 20 million euros or 4% of annual turnover.
Risks for the worker
If GPS is used unlawfully, the worker risks: continuous surveillance, breach of confidentiality, and even dismissal on false grounds. But there's more: geolocation data can be used in court against you if it wasn't collected correctly.
That's why it's important to know how to defend yourself.
How to defend yourself: your rights
First, check if your employer informed you in writing about the GPS installation. If not, it's already a violation. Then, verify if the device records personal data (e.g., speed, routes, stops). If so, it might be excessive.
You can also ask the employer to delete unnecessary geolocation data or limit its use. If you don't get a response, contact the Data Protection Authority.
Finally, remember: GPS cannot be used to monitor your productivity or personal habits. If it does, it's a GDPR violation.
Compared to the American model, the California CCPA and CPRA offer similar protections but with a different approach: while GDPR requires a specific legal basis for each processing, the CCPA focuses on the right to opt-out and transparency. In practice, GDPR is more restrictive for employers, while the CCPA gives consumers more power to choose how their data is processed. If you work for an American company in Italy, you must comply with both regulations.
FAQ
- Can the employer install GPS without telling me? No, they must inform you in writing and obtain a valid legal basis.
- Can I refuse to use the company car with GPS? It depends on the contract. If the GPS is proportionate, you cannot refuse, but you can ask for guarantees.
- What should I do if I discover the GPS is used to monitor me? Gather evidence, contact a lawyer, and report to the Data Protection Authority.
Don't let GPS become a trap. With NakedPact, you can verify if your employer complies with GDPR and get personalized legal assistance. Start now.
Legal GPS Test
Answer these questions to see if the GPS on your company car is GDPR-compliant:
- ✅ Were you informed in writing?
- ✅ Does the GPS only record route data?
- ✅ Are the data deleted after 30 days?
- ✅ Is it not used to monitor breaks?
If you answered 'no' to any question, you might be a victim of a violation.
The widget above helps you with an initial screening. If you answered 'no' to one or more questions, it means your employer might not be complying with GDPR. In particular, written information is mandatory (Art. 13 GDPR). Data deletion after 30 days is good practice but not always required. Monitoring breaks is prohibited because it violates the principle of proportionality. If you want to delve deeper, contact a lawyer specialized in privacy or use NakedPact for a quick consultation.

NakedPact Editorial Committee
Article created by the NakedPact editorial team. Our mission is to analyze, simplify, and expose unfair terms and hidden risks in everyday contracts to protect citizens and consumers.
Sources and Legal References

Do you own a website?
Want to communicate your data processing transparency to your users? Dynamically use our badge and showcase your platform's compliance.
Recommended Readings
🛡️ Protect your rights with one click
Don't risk signing abusive clauses. Install the free NakedPact extension for Chrome or Firefox and instantly analyze any contract on the web.
Don't trust, verify.
Now that you know the risks, don't sign blindly. Upload your contract to NakedPact and let AI find the hidden clauses for you. It's 100% free.
Analyze Your Contract Now