18 December 2019
… rights. The European General Data Protection Regulation (GDPR) gives us the opportunity to decisively punish … procedure to be in breach of Article 32 of the GDPR which obliges the company to take appropriate technical … comply with its legal requirement under Article 37 of the GDPR to appoint an internal data protection officer. When …
… particular the record-keeping obligation under Art. 30(5) GDPR Statement 2/2025 on the implementation of the PNR … down additional procedural rules for the enforcement of the GDPR Statement 3/2024 on data protection authorities’ role … for clarifications on the consistent application of the GDPR, focusing on health research Letter to the Council of …
2 September 2020
… the processing of personal data to the provisions of the GDPR by discontinuing making available on the GEOPORTAL2 … with them. In accordance with Article 5(1)(a) of the GDPR, personal data must be processed lawfully, fairly and … where at least one of the conditions indicated in Art. 6 GDPR is met. In the course of the proceedings, GGK did not …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) The passwords of the affected accounts have been … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The controller has notified all data subjects and … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) No particular measures beyond the standard IT security …
7 September 2022
… of processing (Article 32) Decision: Infringement of the GDPR; administrative fine Key words: Security of Processing, … identity did indeed constitute a violation of article 32 GDPR. However, these security issues were resolved in less … article 5.2, article 24.1, article 32,1 and article 32.2 GDPR. The Litigation Chamber acknowledged the fact that the …
5 November 2024
… the Irish Data Protection Authority under Art. 64 (2) GDPR. EDPB Chair Anu Talus said: “During the stakeholder … the Irish Data Protection Authority under Art. 64 (2) GDPR. EDPB Chair Anu Talus said: “During the stakeholder …
21 October 2020
… Data Protection Regulation (hereinafter referred to as the “GDPR”). The fine was imposed for infringements of Articles 5(1)(d) and 5(1)(f) of the GDPR, i.e. a failure to implement appropriate technical and … erased or rectified without delay (Article 5(1)(d) of the GDPR), and the principle of integrity and confidentiality …
21 March 2019
… the data subjects, pursuant to Article 33-34 of the GDPR. The NAIH launched an administrative control procedure, … regarding to Article 9 (1) and Article 33 (1) of the GDPR and the Hungarian Privacy Act Section 60 (1). DK was on … €) to DK for violating the provisions Article 33-34 of the GDPR because DK did not notify the high risk personal data …
18 October 2021
… in the public interest in accordance with Article 89(1) GDPR and if the erasure is likely to render impossible or … of the objectives of that processing (Article 17(3)(d) GDPR). The SA emphasised, that the above mentioned act … be considered as appropriate safeguards according to 89(1) GDPR. The SA decided that the Batismal Register is an …
22 June 2021
… for violation of the General Data Protection Regulation (GDPR). This case concerns insufficient risk assessment and … that the bank did not meet the requirements of the GDPR for risk assessment and appropriate technical measures … risk assessment and testing as required by the law. The GDPR requires that the data controller carry out risk …
20 May 2022
… 12(1), 13, 21(1), 21(2), 24(1), 25(1), and 25(2) of the GDPR, Order to comply with the above Articles, Imposing … the serious infringement of numerous articles of the GDPR for a long period, ordered the data controller to stop … continue the data processing if made compliant with the GDPR, and issued an administrative fine in HUF equal to …
28 November 2024
… was inconsistent with the applicable provisions of the GDPR, due to an incorrectly conducted risk analysis, which … such as a risk register or confirmations of monitoring of GDPR procedures. However, the rules for using external data … for infringement of Articles 5, 24, 25 and 32 of the GDPR. What is more, appropriate organisational and technical …
12 February 2019
… taken into consideration. Since the EDPB is required by the GDPR (art. 70(4)) to make the results of this consultation … such data, and repealing Directive 95/46/EC (hereinafter “GDPR”), Having regard to the EEA Agreement and in particular … OPINION: 1 INTRODUCTION 1. Regulation 2016/6791 (“the GDPR”) came into effect on 25 May 2018. One of the main …
… Processing of Personal Data pursuant to Art. 42 GDPR (‘GDPR – information privacy standard’), Version 0.9.7 Opinion … IT-supported processing of Personal Data pursuant to art 42 GDPR (‘GDPR – information privacy standard’)” presented 2 …
26 November 2021
… of processing (Article 32). Decision: Infringement of the GDPR, Fine Key words: Principles, Lawfulness of processing, … on its own initiative whether the project complied with the GDPR. Key findings In its decision, the Icelandic DPA notes … the processing as well as the multiple infringements of the GDPR. The Ministry of Industries and Innovation was fined …
7 October 2019
… of accuracy) of the General Data Protection Regulation (GDPR). It therefore imposed an administrative fine of EUR … for direct marketing purposes (Article 21 (3) of the GDPR) as well as Article 25 (data protection by design) of the GDPR and imposed an administrative fine of EUR 200.000 on …
30 January 2020
… public consultation. The guidelines aim to clarify how the GDPR applies to the processing of personal data when using … devices and to ensure the consistent application of the GDPR in this regard. The guidelines cover both traditional … posed by the use of algorithms, an overview of the relevant GDPR provisions and existing guidelines addressing these …
20 December 2019
… an infringement of the General Data Protection Regulations (GDPR). The ICO launched its investigation into Doorstep … considered the contravention from 25 May 2018, when the GDPR came into effect. Doorstep Dispensaree has also been … Act 2018 (DPA2018), the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000 (FOIA), …
3 November 2021
… of processing (Article 32) Decision: Infringement of the GDPR, Order to comply Key words: Loss of … a violation of Article 5.1.f) and Article 32 of the GDPR, for which the telephone company is responsible. The … of processing (Article 32) Decision: Infringement of the GDPR, Order to comply Key words: Loss of …
1 December 2019
… been made. This is, however, mandatory under Art. 37 (7) GDPR. Violations of this requirement are subject to a fine in accordance with Art. 83 Para. 4 lit. a) GDPR. The fine may sound low at first sight. However, … been made. This is, however, mandatory under Art. 37 (7) GDPR. Violations of this requirement are subject to a fine …