30 June 2022
… (Articles 44 and 46). Decision: infringement of the GDPR; order to comply; order to suspend data flows to U.S.; … data transfers despite their being in violation of the GDPR. Key Findings: The Italian SA found that Caffeina … be transferred to the U.S. in violation of Chapter V of the GDPR, since the measures adopted by Google to supplement the …
26 January 2023
… of legality, fairness and transparency (Art. 5(1)(a) of GDPR), consent of the data subject (Art. 7(2) of GDPR), direct marketing (Art. 81(1) of ECL) Decision: The … was upheld, infringements of Art. 5(1)(a) and Art. 7(2) of GDPR and Art. 81(1) ECL Summary of the Decision Origin …
8 September 2021
… Legal Reference: Data retention period (Article 5.1.e GDPR), Information (Articles 13 & 14 GDPR) Decision: Fine … had failed to comply with articles 5-1-e, 13 and 14 of the GDPR. Decision Breach of Article 5-1-e of the GDPR The …
… analyse decisions related to different Articles of the GDPR and include examples of final One-Stop-Shop (OSS) … Supervisory Authorities (SAs) work together to enforce the GDPR. They offer an opportunity to read final decisions … Publication Type: Support Pool of Experts projects Topics: GDPR enforcement Cooperation between authorities English …
6 December 2022
… three dispute resolution decisions on the basis of Art. 65 GDPR concerning Meta Platforms Ireland Limited (Meta IE). … in ensuring the correct and consistent application of the GDPR by the national Supervisory Authorities. The Irish SA … among others, the legal basis for processing (Art. 6 GDPR), data protection principles (Art. 5 GDPR), and the use …
29 March 2021
… investigation under the General Data Protection Regulation (GDPR), in February 2021 imposed a fine for improper … for infringements of Article 32(1) (b) and (c) of the GDPR, namely failure to ensure the ongoing integrity, … to the risk, infringement of Article 32(1)(b)(c) of the GDPR, and also taking into account the factors listed in …
24 April 2020
… into the possibility of relying on a derogation of Art. 49 GDPR to enable international flows. The EDPB tackled this … research. In its letter, the EDPB reiterates that the GDPR allows for collaboration between EEA and non-EEA … decisions or appropriate safeguards (included in Article 46 GDPR) should be favoured, according to the EDPB. However, …
7 December 2023
… adopted an order imposing a temporary ban under Art. 66 (1) GDPR on Meta IE and Facebook Norway AS (“Facebook Norway”) … EDPB concluded that there are ongoing infringements of the GDPR and there is an urgent need to act in light of the … found that there was an ongoing infringement of art. 6 (1) GDPR because of the inappropriate use of the legal bases of …
7 December 2023
… request, hence the Company breached Article 12(3) GDPR when they failed to meet the Complainant’s erasure … right to erasure according to Article 17(1)(b) GDPR. The Company also failed to meet the requirements of … newsletter database, so the Company breached Article 25(1) GDPR. Decision The Hungarian Supervisory Authority …
25 November 2020
… decision to specify certain viewpoints, the primacy of the GDPR as EU law resulted in the decision that a priori analysed potential breaches of the GDPR. Decision of the Litigation Chamber The litigation … were not processed in a lawful way under article 6.1.f. GDPR, as there were legitimate interests for the defendants …
20 January 2023
… relating to processing of personal data (Article 5 GDPR), Lawfulness of processing (Article 6 GDPR), Conditions for consent (Article 7 GDPR), Transparency and information obligations (Articles 12 …
20 January 2023
… OÜ Legal Reference: Lawfulness of processing (Article 6 GDPR), Information to be provided where personal data are collected from the data subject (Article 13 GDPR) Decision: precept, … whether it complies with the requirements in the GDPR. Estonian SA evaluated and analysed the documents, that …
22 May 2023
… Authority (IE DPA). This fine, which is the largest GDPR fine ever, was imposed for Meta’s transfers of personal … to bring its data transfers into compliance with the GDPR. Andrea Jelinek, EDPB Chair, said: “The EDPB found that … bring processing operations into compliance with Chapter V GDPR, by ceasing the unlawful processing, including storage, …
26 January 2021
… fine of NOK 100 000 000 for not complying with the GDPR rules on consent. - Our preliminary conclusion is that … to users. We consider that this was contrary to the GDPR requirements for valid consent. - Grindr is seen as a … magnitude as our findings suggest grave violations of the GDPR. Grindr has 13.7 million active users, of which …
… of the General Data Protection Regulation (hereinafter: GDPR) 1 . The aim of the coordinated enforcement action is … data protection officers are in accordance with Art. 37-39 GDPR and they have the resources needed to carry out their … protection officer in any case pursuant to Art. 37 1. (a) GDPR 2 . The Authority intends to implement the CEF in the …
19 February 2021
… that CAIXABANK had violated Articles 13 and 14 of the GDPR. Following Article 83 (5) b of the GDPR, a fine of 2.000.000 EUR was imposed. When deciding on … that this constituted a breach of Article 6 of the GDPR, and according to Article 83 (5) a of the GDPR, an …
… Leaflet Cooperation & consistency procedures under the GDPR Article 65 FAQ One-Stop-Shop Procedure Urgency … Leaflet Cooperation & consistency procedures under the GDPR Article 65 FAQ One-Stop-Shop Procedure Urgency …
25 May 2018
… the greatly anticipated General Data Protection Regulation (GDPR) entered into application and its pre-decessor … role is to safeguard the consistent application of the GDPR, but it has additional competences. It advises the … will be crucial for the success and effectiveness of the GDPR. Agenda First Plenary 224.3KB English Изтегляне … Draft …
12 August 2019
… which did not meet the criteria set out in Art. 7 GDPR and also violated its duty to provide information pursuant to Art. 13, 14 GDPR. Moreover, despite handling sensitive data, no data protection impact assessment, pursuant to Art. 35 GDPR, was carried out. The administrative fine is not final …
23 October 2019
… on the basis of the evidence that ÖPAG had violated the GDPR by processing personal data on the alleged political … purpose of direct marketing, as this is not covered by the GDPR. These violations of the GDPR were committed unlawfully and culpably, which is why …