11 April 2022
… Reference: Article 5 (2) Decision: Infringement of the GDPR Key words: Deletion Summary of the Decision Origin … million EUR) for the infringement of Article 5 (2) of the GDPR. Decision The Danish Supervisory Authority has reported … million EUR) for the infringement of Article 5 (2) of the GDPR. For further information: …
13 October 2021
… Reference: Purpose limitation (article 5, par. 1, let. b) GDPR), lawfulness of processing (article 6, par. 1, let. a) GDPR), adequacy of the measures (articles 24, 25 GDPR); SA’s power to request information from controller or …
12 September 2018
… administrative penal decision for infringements of the GDPR and Austrian Data Protection Act. The Austrian DPA … café as the controller within the meaning of Article 4. 7 GDPR of an image processing system (video surveillance). The … Art. 6 para. 1 of the General Data Protection Regulation (GDPR) and several provisions of the Austrian Data Protection …
12 June 2023
… Origin of the case The General Data Protection Regulation, GDPR, entered into force in 2018 and means, among other … information pursuant to article 15.1 a-h and 15.2 of the GDPR that should be provided to the individual making the … violations of articles 12.1, 15.1 a-d, g and 15.2 of the GDPR. IMY has further found that Spotify had failed in its …
15 July 2022
… legitimate interest (Article 6(1)(f) GDPR) Decision: Issuance of warning to controller that … transposing directive 2002/58/EC and Article 6(1)(f) GDPR; Key words: Personalised advertising; legal basis; … user’s consent; warning to controller; Article 58(2)(a) GDPR; Section 154(1)(f) of Italian personal data protection …
6 May 2025
… om tilstrækkeligheden af beskyttelsesniveauet i henhold til GDPR vedrørende Den Europæiske Patentorganisation (EPO) . … om tilstrækkeligheden af beskyttelsesniveauet i henhold til GDPR og retshåndhævelsesdirektivet. Endelig indvilligede … beskyttelsesniveau på grundlag af artikel 45 i GDPR. Databeskyttelsesrådet understreger betydningen af en …
25 September 2020
… in accordance with the General Data Protection Regulation (GDPR). The topics of direct marketing included various … Article 4(11) of the EU General Data Protection Regulation (GDPR), the consent must be a freely given, specific, … the data subjects’ right to object in accordance with the GDPR. In the controller’s view, it has targeted the …
5 June 2025
… adopted the final version of its guidelines on Art.48 GDPR about data transfers to third country authorities … the simplification of record-keeping obligation under the GDPR. Data transfers to third country authorities … In its guidelines, the EDPB zooms in on Art. 48 GDPR and clarifies how organisations can best assess under …
5 March 2025
… sletning eller "retten til at blive glemt" (artikel 17 i GDPR). Databeskyttelsesrådet valgte dette emne på sit … i oktober 2024, da det er en af de hyppigst udøvede GDPR-rettigheder , og en af dem, som … sletning eller "retten til at blive glemt" (artikel 17 i GDPR). Databeskyttelsesrådet valgte dette emne på sit …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) Both the document and the entry were deleted. … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The data subjects concerned were informed in writing … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) This was not a technical error. 6. Subsequent measures …
20 January 2023
… (Article 35) Decision: Infringement of the GDPR, Administrative fine, Ban on processing, Order to … limitation principles; infringement of Articles 6 and 7 GDPR; failure to provide the information set out by Articles … to bring processing operations into compliance with the GDPR as for the transparency-related infringements - by …
6 December 2024
… on the controller for unlawful processing (Art. 5 and 6.1 GDPR). The controller was reprimanded for the shortcomings … and was ordered to correct its unlawful practices (Art. 13 GDPR). In addition, the DPA instructed the controller to … so that only necessary personal data is processed (Art. 25 GDPR). For further information: National press release: …
2 May 2025
… examined the case and found that the provisions of the GDPR had been infringed (Article 6(1) and 9(1)). The Polish DPA concludes that this infringement of the GDPR is of a serious nature. The personal data of the person … data available by the Commander-in-Chief in breach of the GDPR (without a legal basis) during the conference entails …
13 February 2019
… vedtog på grundlag af artikel 46, stk. 3, litra b), i GDPR sin første udtalelse om en administrativ ordning for … og offentlige myndigheder vedrørende dataoverførsler under GDPR i tilfælde af et brexit uden en aftale. Datastrømme fra … bistand i forbindelse med anvendelsen af artikel 40 og 41 i GDPR. Hensigten med retningslinjerne er at bidrage til at …
14 March 2022
… the data subject (Article 13) Decision: Infringement of the GDPR, administrative fine and reprimand Summary of the … right to inspect their own data in accordance with the GDPR or to give a reason for restricting this right. The … Ombudsman issued the company a reprimand for violating the GDPR and ordered it to change its procedure to comply with …
… the position in their organisations required by Art. 37-39 GDPR and the resources needed to carry out their tasks. The … all DPOs notified in Liechtenstein pursuant to Art. 37 (7) GDPR. The results of the joint initiative will be analysed … the position in their organisations required by Art. 37-39 GDPR and the resources needed to carry out their tasks. The …
29 June 2021
… and their rights in accordance with Article 13 of the GDPR. Additionally, labels and signs indicating the video … Data Protection and the Processing of Personal Data and the GDPR. Moreover, the data subjects affected by these … personal data merits specific protection according to the GDPR. It was also regarded that employers have a …
29 March 2021
… infringements of the General Data Protection Regulation (GDPR) were imposed on the National Public Health Centre … of Articles 5, 13, 24, 32, 35 and Article 58(2)(f) of the GDPR, and a fine of EUR 3,000 was imposed on the Company for infringements of Articles 5, 13, 24, 32 and 35 of the GDPR. In spring 2020, the DPA started monitoring activities …
13 July 2020
… breach or mitigate its adverse effects (Art. 33 (3) (d) GDPR) The company hired a forensics firm to identify network … or public com- munication (Art. 34 (1) or Art. 34 (3) (c) GDPR) The concerned data subjects were informed of the … incident occurred, e.g. encryption (Arti- cle 34 (3) (a) GDPR) - 3 - The stolen passwords were hashed with PBKDF2-SHA …
21 January 2019
… in accordance with the General Data Protection Regulation (GDPR), for lack of transparency, inadequate information and … as defined in the General Data Protection Regulation (“GDPR”), the CNIL sent these two complaints to its European … assess if it was competent to deal with them. Indeed, the GDPR establishes a “one-stop-shop mechanism” which provides …