Search results | European Data Protection Board

Zdravko Vukić elected new Deputy Chair of the European Data Protection Board
19 June 2024
Press releases
… Zdravko Vukić elected new Deputy Chair of the European Data Protection Board 19 June 2024 EDPB Brussels, 19 June - … from 2005 to 2016, he served as a Chief Human Resources Officer in charge of the organisation's employees and legal …
Polish SA: administrative fine of EUR 1 170 for Social Welfare Centre and EUR 2 341 EUR for Mayor of Aleksandrów for ignoring the risk of ransomware attack
25 September 2025
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 28 …
Polish SA: administrative fine of EUR 4 022 773 for McDonald’s Polska sp. z o.o. and EUR 43 680 for 24/7 Communication Sp. z o.o. for negligence in risk analysis and safeguards
25 September 2025
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 28 … data subject), Article 38 (Position of the data protection officer) Decision: Administrative fine Key words: …
Polish SA: administrative fine of 262 500 € for hidden video surveillance in neonatology department and failure to implement appropriate security measures
2 May 2025
News
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 13 (Information to be provided where … 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security …
Minors: Italian SA sanctions nursery school. Cameras installed without safeguards and photos of children published online
18 November 2025
News
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 7 … are collected from the data subject), Article 35 (Data protection impact assessment), Article 37 (Designation of the data protection officer), Article 38 (Position of the data protection …
CEF 2025: EDPB selects topic for next year’s Coordinated Action
10 October 2024
News
… 10 October - During its October 2024 plenary, the European Data Protection Board (EDPB) selected the topic for its fourth … sector, the designation and position of Data Protection Officers and the implementation of the right of access by …
Administrative fine imposed on the Finnish Motor Insurers’ Centre for the collection of unnecessary patient information
8 February 2022
News
… Lawfulness, fairness and transparency (Art. 5(1)(a)), data minimisation (Art. 5(1)(c)), data protection by design and by default (Art. 25(2)) …
EDPB Response to Ailidh Callander, Legal Officer (Privacy International)
18 June 2020
Letters
… EDPB Response to Ailidh Callander, Legal Officer (Privacy International) 18 June 2020 Letters EDPB … … national supervisory authorities. The role of the European Data Protection Board is to ensure the consistent application of …
The Polish supervisory authority imposed first administrative fine on a public entity
31 October 2019
News
… entity 31 October 2019 Poland The President of the Personal Data Protection Office (“The President of the Office”) imposed … was that the mayor of the city did not conclude a personal data processing agreement with the entities to which he …
EDPBI:CZ:OSS:D:2019:56
7 October 2019
… … 1/6 Ref No. UOOU-03390/19-7 ORDER The Office for Personal Data Protection, as the competent administrative authority … in the Commercial Register maintained by the the executive officer of which is born DD Month YYYY, residing at Address …
EDPBI:MT:OSS:D:2019:60
10 October 2019
… 62.5KB Download Decision 545.2KB Download … Information and Data Protection Commissioner Vs COMPLAINT Reference is made to … main establishment as when we asked for the data protection officer, at that time, he/she was not present. INVESTIGATION …
EDPBI:MT:OSS:D:2019:70
28 October 2019
… PL Main legal reference Article 15 (Right of access by the data subject) Keywords Data subject rights Right of access … Download Decision 525.5KB Download … Information and Data Protection Commissioner Vs COMPLAINT Reference is made to … is either a Senior Team Member or a senior customer service officer having experience and knowledge on the various …
Polish DPA fines Surveyor General of Poland: Full inspection must be carried out
20 July 2020
News
… be carried out 20 July 2020 The President of the Personal Data Protection Office (UODO), after having conducted an … protection, and whether GGK has appointed a Data Protection Officer. Unfortunately, due to the lack of access by the …
Polish DPA Fines ENEA S.A.: A data breach must be notified to the supervisory authority
11 January 2021
News
… Polish DPA Fines ENEA S.A.: A data breach must be notified to the supervisory authority 11 … 000) on ENEA S.A. company for failing to notify a personal data breach. The Personal Data Protection Office (UODO) received information about the …
EDPB publishes CSC biannual report and work programme 2025-2026
13 February 2025
News
… Information System (IMI) transparency obligations for data controllers . In addition, in July 2023, the CSC … ‘Europol’s information systems - a guide for exercising data subjects’ rights: the right of access, rectification, … programme 2025-2026 . To ensure a continuous high level of protection of individuals’ rights, the Committee will …
Europe Day 2021
7 May 2021
News
… a special webpage. Check it out here to learn more about data protection and privacy in the EU. For more information … a special webpage. Check it out here to learn more about data protection and privacy in the EU. For more information …
ICO statement: Intention to fine Marriott International, Inc more than £99 million under GDPR for data breach
9 July 2019
News
… International, Inc more than £99 million under GDPR for data breach 9 July 2019 United Kingdom Statement in response … Office (ICO) intends to fine it for breaches of data protection law. Following an extensive investigation …
Polish SA: administrative fine of 81 000 € for failure to implement appropriate technical and organisational measures to ensure security
6 February 2025
News
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security … Article 5 (Principles relating to processing of personal data), Article 28 (Processor), Article 34 (Communication of …
Legal Framework - Coordinated Supervision Committee
… of 23 October 2018. Article 62 provides that the European Data Protection Supervisor (EDPS) and the national supervisory … coordinating the supervision of the processing of personal data in an EU large scale IT system or body, office or …
EDPBI:DESL:OSS:D:2019:11
7 March 2019
… and modalities for the exercise of the rights of the data subject) Article 17 (Right to erasure (‘right to be forgotten’)) Keywords Data subject rights Right to erasure Outcome No sanction … a , which was passed on to this office by the French data protection authority (CNIL) on the basis of Art. 56 General …