12 May 2023
… Infringement of the GDPR, Order to erase complainant’s data, Order to name an Article 27 representative Key words: Facial recognition; biometric data Summary of the Decision Origin of the case … The permanent storage of personal data also constitutes a breach of data minimisation principle. Article 9(1): The …
… taken by, and involving, different SAs relating to specific data subject rights. The projects are conducted by external … One-Stop-Shop case digest on Security of Processing and Data Breach Notification 18 January 2024 Publication Type: …
26 July 2019
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision … used only in case of the need for analysis of incidents of breach of law. The means of public transport, the cities …
2 May 2025
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 13 (Information to be provided where … to the President of the Personal Data Protection Office a breach involving the loss or theft of memory cards from the …
28 November 2024
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Article 5 (Principles relating to processing of personal data) Decision: Administrative fine, Compliance order Key … Administrative fine, Data subject rights, Personal data breach, Principles relating to processing of personal data, …
21 February 2025
… reference Article 32 (Security of processing) Keywords Data security Personal data breach Outcome Dismissal/Rejection of the case …
29 April 2021
… Article 5 (Principles relating to processing of personal data) Keywords Personal data breach Data security Children Education Outcome …
20 October 2022
… AI Legal Reference: Lawfulness of processing of personal data (article 6 of the GDPR), Rights of individuals … AI formal notice to cease the collection and use of data of persons on French territory in the absence of a … Key Findings Unlawful processing of personal data (breach of article 6 of the GDPR) Individuals' rights not …
13 May 2021
… 1, letters a) and c) (lawfulness, fairness, transparency; data minimisation); Article 6 (Lawful processing); Article 9 (Processing of special category data); Article 13 (Information); Article 35 (DPIA); Article … nature of the information that had been processed in breach of the law. Additionally, the municipality was …
28 October 2021
… Reference: GDPR: Article 5 (Principles applying to personal data processing); Article 6 (Lawfulness of processing); … service; inbound calls management; trade union agreements; data minimization Summary of the … found that the company had processed its employees’ data in breach of sector-specific national law and the general …
5 May 2022
… and fine imposed Key words: special categories of personal data, unauthorised access Summary of the Decision Origin … of 21 attachments contained special categories of personal data, see Article 9 (1) of the GDPR. The municipality … Authority also received notice of a personal data breach from Lillestrøm Municipal Council on 29 September. …
28 January 2020
… Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility … reference: 1/2020 Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility … connected vehicles are critical systems where a security breach may endanger the life of its users and Adopted - …
18 December 2019
… 18 December 2019 Germany The Federal Commissioner for Data Protection and Freedom of Information (BfDI) imposed a … another case, the BfDI imposed a fine of EUR 10. 000 on Rapidata GmbH. Concerning this matter, the Federal Commissioner … The BfDI considers this authentication procedure to be in breach of Article 32 of the GDPR which obliges the company …
16 May 2024
… Article 5 (Principles relating to processing of personal data) Keywords Retention time Personal data breach Outcome Dismissal/Rejection of the case No …
7 February 2024
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Keywords Clients Data security Phishing emails Personal data breach Outcome Compliance order …
27 July 2020
… on July 9th on account of several instances of unlawful data processing that were mostly related to marketing. The … similar infringements that had occurred when the previous data protection law was in force. The fine was imposed … activities to call centres, which collected data in breach of the law. The pleadings submitted by Wind Tre and …
15 June 2021
… for inadequate testing 15 June 2021 Norway The Norwegian Data Protection Authority has fined the Norwegian … GDPR violation. The backdrop for this case is that personal data about 3.2 million Norwegians was available online for … Data Protection Authority also found the incident to be in breach of the principles of legality, data minimisation and …
4 November 2021
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Keywords Personal data breach Data security Fraud Third party access to personal …
4 October 2023
… Article 5 (Principles relating to processing of personal data) Article 15 (Right of access by the data subject) Article 34 (Communication of a personal data breach to the data subject) Keywords Data minimisation Data …
25 September 2025
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … access to the IT systems was blocked, resulting in a breach of the confidentiality and availability of personal …