7 October 2020
… The Belgian Data Protection Authority has issued a warning and reprimand … institution for wrongful processing of personal data from the National Register. 7 October 2020 Belgium The … has the competence to take action in the case of a breach against environmental legislation, for example in the …
20 September 2019
… 20 September 2019 Poland The President of the Personal Data Protection Office imposed a fine of an amount higher … and technical measures for the protection of personal data were not appropriate to the risk posed by the … the fine, the supervisory authority concluded that the breach which took place in this case was of considerable …
7 December 2023
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 15 (Right to access by the data subject) … Right of access, Lawfulness of processing, Personal data breach, Right of access Summary of the Decision Origin …
15 January 2024
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 13 (Information to be provided where personal data are collected from the data subject) Decision: … facility is rented out for events or other gatherings, in breach of Article 6. Furthermore, the Icelandic SA …
8 September 2021
… national case Controller: AG2R LA MONDIALE Legal Reference: Data retention period (Article 5.1.e GDPR), Information … Key words: Insurances, data retention, information Summary of the Decision Origin … comply with articles 5-1-e, 13 and 14 of the GDPR. Decision Breach of Article 5-1-e of the GDPR The company had not …
16 June 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
26 March 2019
… First fine imposed by the President of the Personal Data Protection Office 26 March 2019 Poland The President of the Personal Data Protection Office (UODO) imposed its first fine for the … of the Personal Data Protection Office considered the breach to be serious, since it concerns the fundamental …
18 February 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
26 October 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
24 January 2024
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
18 July 2023
… Romanian SA fines UiPath SRL for breaching Articles 25 and 32 GDPR 18 July 2023 Romania … Controller: UiPath SRL Legal references: Article 25 (Data protection by design and by default), Article 32 … Decision: Administrative fine, Compliance order Key words: Data protection by design and by default, Personal data …
4 May 2021
… green pass and it is affected additionally by several data protection shortcomings including the lack of any … Contrary to the requirements laid down in the EU General Data Protection Regulation, the decree does not specify the … of the controller of the processing at issue, which is in breach of the transparency principle and hampers or …
18 December 2019
… The Norwegian Data Protection Authority imposes a fine on the City of Oslo … of Oslo, the Nursing Home Agency, for having stored patient data from the city’s nursing homes and health centres … The case commenced when the City of Oslo sent a data breach notification to the Data Protection Authority in …
16 November 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
20 November 2019
… Guidelines 4/2019 on Article 25 Data Protection by Design and by Default Guidelines 4/2019 on Article 25 Data Protection by Design and by Default Start Date: 20 … The security of personal data shall both prevent data breach incidents as well as facilitate the proper execution …
9 September 2022
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Notification of …
14 January 2021
… standard contractual clauses for the transfer of personal data to third countries for the matters referred to in … 4.3.1 Clause 1 - Data protection safeguards – Module One (Transfer controller … clauses are suspended or prohibited in the event of the breach of such clauses or if it is impossible to honour …
28 October 2021
… Decision Origin of the case Image files containing health data about people with no connection to the municipality … to staff at the health clinic. Key Findings The Norwegian Data Protection Authority noted that the municipality did … internal deficiencies in its access management. This is a breach of the requirements regarding personal data security …
29 September 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
28 July 2020
… Article 5 (Principles relating to processing of personal data) Article 12 (Transparent information, communication and modalities for the exercise of the rights of the data subject) Article 13 (Information to be provided where … court bailiff with a report providing details on the GDPR breaches that he considered had been committed in this case. …