15 July 2025
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data) Decision: Administrative fine Key words: … recalled that, according to the GDPR and the Italian Data Protection Code, the use of biometric data in the workplace …
6 February 2025
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security … Article 5 (Principles relating to processing of personal data), Article 28 (Processor) Decision: Administrative fine, …
25 September 2025
… case concerns a complaint to the President of the Personal Data Protection Office lodged by an individual in 2021 about … irregularities in the processing of his or her personal data by an entrepreneur from Silesia voivodeship. That was …
20 September 2019
… 20 September 2019 Poland The President of the Personal Data Protection Office imposed a fine of an amount higher than … and technical measures for the protection of personal data were not appropriate to the risk posed by the …
13 January 2021
… Polish DPA & WARTA: Failure to notify a personal data breach without undue delay as a reason for imposing a … Company) infringed the provisions of the General Data Protection Regulation, because it did not notify a …
18 June 2020
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Article 33 … about the processing of personal data The Danish Data Protection Agency hereby reacts to the case where (hereinaf- … the name and contact details of the data protection officer or other con- tact point where more information can …
25 November 2020
… 25 November 2020 Poland The President of the Personal Data Protection Office, after having conducted ex officio proceedings relating to breach of personal data protection of persons subject to medical quarantine by …
… EU coordinated action for 2023 15 March 2023 - The European Data Protection Board (EDPB) launches today the second … year on the designation and position of Data Protection Officers (DPOs). As intermediaries between data protection …
7 April 2020
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data retention … them has been de- leted. Shortly before the reported data protection violation, the controller switched to a more …
… Strategy to streamline enforcement and cooperation among Data Protection Authorities (DPAs). Each year, DPAs select the … on the designation and position of data protection officers (DPOs), 2023 Coordinated Enforcement Action, …
12 August 2019
… than six months, the controller had neither appointed a data protection officer nor published its contact details or reported those …
5 August 2020
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data … a company pro- ject as testers Berlin Commissioner for Data Protection and Freedom of Information Friedrichstr. 219 …
17 October 2023
… action, the EDPB prioritises a certain topic for data protection authorities (DPAs) to work on at the national … selected the designation and position of data protection officers (DPOs). The report on the outcome of the 2023 …
24 July 2020
… 17 (Right to erasure (‘right to be forgotten’)) Keywords Data subject rights Right to erasure Outcome Reprimand … reprimand Noisli Ltd. for an infringement of the General Data Protection Regulation (GDPR). Justification: Our decision is …
3 September 2019
… and modalities for the exercise of the rights of the data subject) Article 13 (Information to be provided where personal data are collected from the data subject) Article 14 … independently of this. Berlin Commissioner for Data Protection and Freedom of Information Friedrichstr. 219 …
14 October 2025
… 14 October - During its October plenary, the European Data Protection Board (EDPB) picked the topic for its fifth … sector (2023) designation and position of Data Protection Officers (2024) implementation of the right of access by …
5 August 2019
… Article 13 (Information to be provided where personal data are collected from the data subject) Keywords Data subject rights Outcome No … number CDP/IMI/LSA/6/2019) received from the Spanish Data Protection Agency (Agencia Espanola de Proteccion de Datos …
13 September 2019
… be forgotten’)) Keywords Electronic communications Payment data Right to erasure Outcome No violation Summary 60.4KB … referenced in all correspondence) Dear Mr. Chief Executive Officer, Paris, the 2 3 SEP. 2019 This is further to the … the complaint addressed to the CNIL by the Spanish data protection authority, m accordance with the provisions of …
25 September 2025
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing) Decision: … fine Key words: Administrative fine, Anti-Money Laundering, Data security, Lawfulness of processing, Data subject rights, Data protection by design and by default Summary of the Decision …
29 June 2020
… to erasure (‘right to be forgotten’)) Keywords Consumer protection Outcome Reprimand Summary 62.2KB Download … Hatóság (Hungarian National Authority for Data Protection and Freedom of Information, hereinafter: the … was launched pursuant to Article 57(1)(f) of the General Data Protection Regulation (hereinafter: GDPR), and Section …