24 February 2023
… the provisions on international transfers as per Chapter V GDPR : The Guidelines clarify the interplay between the territorial scope of the GDPR (Art. 3) and the provisions on international transfers … design patterns in social media interfaces that infringe on GDPR requirements. The guidelines give concrete examples of …
23 January 2025
… Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation to have a legal basis (Article 6 of the GDPR) Failure to comply with the obligation to define and … to the purpose of the processing (Article 5-1-e of the GDPR) Failure to comply with the obligation to provide …
28 May 2021
… Contractual Clauses submitted by the LT SA (Article 28(8) GDPR) Response to Mr. de Serpa Soares, … to identify a controller’s main establishment under the GDPR Letter to the European Commission on the protection of … Contractual Clauses submitted by the LT SA (Article 28(8) GDPR) Response to Mr. de Serpa Soares, …
20 November 2020
… developed by the Commission in accordance with Art. 28 (7) GDPR and Art. 29 (7) of Regulation 2018/1725. These SCCs … data to third countries pursuant to Art. 46 (2) (c) GDPR. These SCCs will replace the existing SCCs for … 95/46 and needed to be updated to bring them in line with GDPR requirements, as well as with the CJEU’s ‘Schrems II’ …
14 November 2019
… výklad obecného nařízení o ochraně osobních údajů (nařízení GDPR), který by úřady pro ochranu údajů v Evropském … místní působnosti právního rámce (podle článku 3 nařízení GDPR). Pokyny upřesňují uplatňování nařízení GDPR v různých situacích, např. když je správce nebo …
27 January 2020
… of personal data", as defined under Article 9(1) of the GDPR. Providing personal data to an automated system, … needs to be in line with the principles defined in the GDPR. The controller carried out an impact assessment of the … issues with specific rules in line with article 88 of the GDPR. After assessing all the elements gathered for the …
22 May 2019
… EDPB Video 22 May 2019 EDPB 1 year ago, the GDPR entered into application, but what has changed for you? … answer to these questions in a nutshell: … 1 year ago, the GDPR entered into application, but what has changed for you? …
4 November 2019
… conjunction with Article 5 paragraph (1) letter f) of the GDPR, which lead to the application of an administrative … the provisions of Article 32 paragraph (1) letter d) of the GDPR. In this context, we mention that Article 25 paragraph (1) of GDPR provides the following: ”Taking into account the state …
5 November 2019
… for violations of the General Data Protection Regulation (GDPR). During on-site inspections in June 2017 and March … and nine months after the start of application of the GDPR, the company was still unable to either demonstrate a … imposition of a fine for an infringement of Article 25 (1) GDPR and Article 5 GDPR during the period between May 2018 …
31 May 2023
… national case: National case Legal references: Art. 5(1)(a) GDPR, Art. 15 (1)(h) GDPR, Art. 22(3) GDPR Decision: Administrative fine Key words: Algorithms, …
20 July 2022
… case Controller: Clearview AI Inc. Legal Reference: GDPR: Article 3: Territorial scope. Article 5(1)(a) and (2): … not established in the Union. Decision: Infringement of the GDPR, Administrative fine. Key words: Web scraping, Images … and transparency (art. 5 paragraphs 1(a) and (2), 6, 9 GDPR) and its obligations under Articles 12, 14, 15 and 27 …
2 February 2024
… to be collected in compliance with the requirements of the GDPR. During the investigations, the company provided the … of any legal basis. The French SA found two breaches of the GDPR: Failure to comply with the obligation to have a legal basis for the processing of data (Article 6 of the GDPR) Failure to comply with the obligation to implement a …
9 January 2025
… Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation to have a legal basis (Article 6 of the GDPR) Failure to comply with the obligation to define and … to the purpose of the processing (Article 5-1-e of the GDPR) Failure to comply with the obligation to provide …
12 September 2022
… Affairs, Greek Seamen’s Fund (NAT) Legal Reference: GDPR: Principles relating to processing of personal data … assessment (Article 35) Decision: Infringement of the GDPR, Reprimand, Administrative fines Key words: Ex officio … (SA), in exercising its ex officio competence under the GDPR and the national Law 4624/2019 , examined the …
10 June 2022
… of the whistle-blowing management system Legal Reference: GDPR: Art. 5, para. 1, letters a) and f) (lawfulness, … of processing); Art. 35 (DPIA). Decision: finding of GDPR infringement; imposition of administrative fine. Key … activity was found in the record referred to in Article 30 GDPR; the authentication credentials enabling the …
15 September 2023
… jen „TikTok“) porušila zásadu korektnosti zakotvenou v GDPR při zpracování osobních údajů týkajících se dětí ve … praktik společnost TikTok porušila zásadu korektnosti podle GDPR. Na tomto základě EDPB uložil irskému úřadu pro ochranu … a nařídil společnosti TikTok, aby zajistila soulad s GDPR tím, že takové praktiky odstraní. EDPB rovněž …
7 October 2020
… Register, constitutes unlawful processing (article 6.1 GDPR), as the legal ground for the processing activities in … carrying out a task in the public interest (article 6.1.e. GDPR), and this processing in concreto was not necessary to … data minimisation (resp. article 5.1.d. and article 5.1.c. GDPR.), which means the institution breaches these …
5 June 2025
… consent, in compliance with the requirements of the GDPR, which would have formed the basis for the prospecting … (Article L. 34-5 of the CPCE as referred to in Article 7 of GDPR): under the system implemented by CALOGA, it was not … to have a legal basis for processing data (Article 6 of the GDPR): As part of its activity as a data broker, the company …
1 July 2021
… the requirements of the General Data Protection Regulation (GDPR). This is in response to a complaint from an … that this type of obtaining consent is in violation of the GDPR. The regulation requires consent to be freely given and specific. “It is a basic requirement of the GDPR that consent for processing of personal data must be …
6 November 2019
… of processing of personal data, specified in the GDPR. The President of the Personal Data Protection Office … actions were also inconsistent with Article 7(3) of the GDPR. The company did not take into account the principle … of the subject rights, as required by Article 12(2) of the GDPR. The proceedings of the President of PDPO established …