12 August 2019
… which did not meet the criteria set out in Art. 7 GDPR and also violated its duty to provide information pursuant to Art. 13, 14 GDPR. Moreover, despite handling sensitive data, no data protection impact assessment, pursuant to Art. 35 GDPR, was carried out. The administrative fine is not final …
23 October 2019
… on the basis of the evidence that ÖPAG had violated the GDPR by processing personal data on the alleged political … purpose of direct marketing, as this is not covered by the GDPR. These violations of the GDPR were committed unlawfully and culpably, which is why …
31 October 2019
… 40,000 on a public entity for failure to comply with the GDPR. The reason for imposing the fine was that the mayor of … of the Office concluded that Article 28 (3) of the GDPR had been violated. This provision obliges the … of lawfulness of processing (Article 5(1)(a) of the GDPR) and the principle of confidentiality (Article 5(1)(f) …
12 January 2023
… decisions were adopted on the basis of Art. 65(1)(a) GDPR, after the IE DPA as lead supervisory authority (LSA) … concerning the legal basis for processing (Art. 6 GDPR), data protection principles (Art. 5 GDPR), and the use of corrective measures including fines. …
… context of scientific research Study on the enforcement of GDPR obligations against entities established outside the EEA but falling under Article 3(2) GDPR Study on the national administrative rules impacting … study on the appropriate safeguards under Article 89(1) GDPR for the processing of personal data for scientific …
3 September 2019
… non-compliance with the General Data Protection Regulation (GDPR), nonconformity with data subjects rights to erasure … comply with an order issued by the DSI in accordance with GDPR Article 58(2)(c) and (g) and Article 23 of the Personal … with the rights of the data subject in accordance with GDPR Article 17 – data subject right to obtain from the …
15 April 2024
… Key Findings The French SA found several breaches of the GDPR: Failure of the obligation to have a legal basis for processing data (Article 6 GDPR). The misleading appearance of the data collection … not have a valid legal basis for data collection (Article 6 GDPR) for commercial prospecting by phone calls. It also …
5 May 2022
… Right to erasure (Article 17) Decision: Infringement of the GDPR: article 12.1 and 12.3 GDPR Key words: Search engine - delisting request Summary … Spain case law, the applicability of Article 3.1. of the GDPR (not contested by the Google parties) and the useful …
23 November 2021
… should be consistent with the obligations laid down in the GDPR and should facilitate the compliance of cloud service providers and their clients with the GDPR, also considering the Schrems II ruling. … During … should be consistent with the obligations laid down in the GDPR and should facilitate the compliance of cloud service …
5 July 2018
… (ICANN), providing guidance to enable ICANN to develop a GDPR-compliant model for access to personal data processed … personal data concerning registrants in compliance with the GDPR, without leading to an unlimited publication of those … (ICANN), providing guidance to enable ICANN to develop a GDPR-compliant model for access to personal data processed …
30 June 2022
… regarding the structural and procedural enforcement of the GDPR and its work to promote and safeguard data protection … concerning Accor SA. In accordance with Art. 65 (5) GDPR, the EDPB will publish its decision on its website … concerning Accor SA. In accordance with Art. 65 (5) GDPR, the EDPB will publish its decision on its website …
21 December 2021
… of data (Article 9) Decision: Infringement of the GDPR declared and fine imposed Key words: Data sharing, … users. The Authority consider that this was contrary to the GDPR requirements for valid consent. The Authority consider … category data that merit particular protection under the GDPR. As the consents Grindr collected were not valid, …
15 January 2024
… Key Findings The French SA found several breaches of the GDPR: Failure to comply with the obligation to retain data … purpose for which it was collected (article 5.1.e of the GDPR) Failure to comply with the obligation to inform individuals (Articles 12 and 13 of the GDPR) Failure to comply with the obligation to ensure the …
29 July 2022
… a dispute resolution decision on the basis of Art. 65 GDPR . The binding decision seeks to address the lack of … with Art. 5(1)(a) and (c), 6(1), 12(1), 13, 24, 25 and 35 GDPR in respect of certain processing of children’s personal … draft decision with the CSAs in accordance with Art. 60(3) GDPR. Several CSAs issued objections pursuant to Art. 60(4) …
20 November 2020
… developed by the Commission in accordance with Art. 28 (7) GDPR and Art. 29 (7) of Regulation 2018/1725. These SCCs … data to third countries pursuant to Art. 46 (2) (c) GDPR. These SCCs will replace the existing SCCs for … 95/46 and needed to be updated to bring them in line with GDPR requirements, as well as with the CJEU’s ‘Schrems II’ …
16 June 2020
… processing of his data for marketing purposes (article 15.3 GDPR), and for not collaborating with the authority (article 31 GDPR). In a previous decision, the Belgian DPA had ordered … a complete lack of interest for both the application of the GDPR and the procedure. For this attitude, as well as the …
16 October 2019
… on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to … Article 6(1) of the General Data Protection Regulation1 (GDPR) specifies that processing shall be lawful only on the … to respect the principle of fairness. 2. Article 6(1)(b) GDPR provides a lawful basis for the processing of personal …
28 May 2021
… Contractual Clauses submitted by the LT SA (Article 28(8) GDPR) Response to Mr. de Serpa Soares, … to identify a controller’s main establishment under the GDPR Letter to the European Commission on the protection of … Contractual Clauses submitted by the LT SA (Article 28(8) GDPR) Response to Mr. de Serpa Soares, …
19 December 2023
… any of the draft pledge principles would be contrary to the GDPR and the ePrivacy Directive. The draft pledging … by organisations does not equal compliance with the GDPR or ePrivacy Directive. The data protection authorities … competent to exercise their powers when necessary. Topics: GDPR e-Privacy … During its latest plenary, the EDPB adopted …
24 February 2023
… the provisions on international transfers as per Chapter V GDPR : The Guidelines clarify the interplay between the territorial scope of the GDPR (Art. 3) and the provisions on international transfers … design patterns in social media interfaces that infringe on GDPR requirements. The guidelines give concrete examples of …