16 May 2022
… - article 35(2) icw 38(1) Decision: infringement of the GDPR, administrative fines Key words: illegally processing … violations of the General Data Protection Regulation (GDPR). For example, the Tax Administration had no statutory … - article 35(2) icw 38(1) Decision: infringement of the GDPR, administrative fines Key words: illegally processing …
20 September 2022
… delivering the information notice as per Articles 13 and 14 GDPR; the right of access to one’s personal data and the … rights which are set forth in separate provisions of the GDPR and are intended to afford safeguards and protection in … delivering the information notice as per Articles 13 and 14 GDPR; the right of access to one’s personal data and the …
2 May 2024
… HELLENIC POST SERVICES S.A. Decision: Infringement of the GDPR, administrative fine Key words: non-compliance with … Hellenic Supervisory Authority (SA), in accordance with the GDPR. The first incident involves a breach of data … HELLENIC POST SERVICES S.A. Decision: Infringement of the GDPR, administrative fine Key words: non-compliance with …
10 March 2025
… from accessing the data in the loan applications (art. 32 GDPR, art. 25 GDPR and art. 5(1)(f)). Due to poor data security, the … from accessing the data in the loan applications (art. 32 GDPR, art. 25 GDPR and art. 5(1)(f)). Due to poor data …
6 July 2021
… required by the General Data Protection Regulation (GDPR) for carrying out direct marketing. The Office of the … their rights as data subjects in accordance with the GDPR, because the robot could not understand the question of … and the method for obtaining it were not compliant with the GDPR, because consent was not requested separately for …
20 March 2019
… relying on the new powers set out in Article 58 of the EU GDPR. The warning was addressed to the Revenue Agency to … the 15 th of April this year, pursuant to Article 35 of the GDPR. The Garante had already emphasized that the Agency … data protection by design approach that is set forth in the GDPR; indeed, the Garante had pointed out that such a …
… Processing of Personal Data pursuant to Art. 42 GDPR (‘GDPR – information privacy standard’), Version 0.9.7 Opinion … IT-supported processing of Personal Data pursuant to art 42 GDPR (‘GDPR – information privacy standard’)” presented 2 …
31 October 2019
… with Article 32 paragraph (1) and paragraph (2) of the GDPR , which led to imposing an administrative fine in the … with Article 32 paragraph (1) and paragraph (2) of the GDPR , as well as of Article 33 paragraph (1) of the GDPR, which led to imposing an administrative fine in the …
13 October 2020
… IP address, refers to Art. 6 para. 1 sentence 1 lit. f GDPR. sees the legitimate interest in the processing of … attacks, in particular to meet the requirements of Art. 32 GDPR and § 13 para. 7 TMG. Furthermore, the method aims at … risks" in the sense of Art. 6 para. 1 sentence 1 lit. f GDPR. 3 III. Legal assessment The Brandenburg Commissioner …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) Both the document and the entry were deleted. … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The data subjects concerned were informed in writing … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) This was not a technical error. 6. Subsequent measures …
3 February 2022
… of processing (Article 6). Decision: Infringement of the GDPR, order to comply. Key words: … operations into compliance with the provisions of the GDPR within six months of this decision. For further … of processing (Article 6). Decision: Infringement of the GDPR, order to comply. Key words: …
28 March 2022
… Media Magazines B.V. Legal Reference: article 12 (2) GDPR Decision: Infringement of the GDPR, administrative fine Key words: identity document; … Media Magazines B.V. Legal Reference: article 12 (2) GDPR Decision: Infringement of the GDPR, administrative …
21 April 2022
… data pertaining to a special category of data under the GDPR (health data). The temperature checks were mainly based … of Mobility, which does not meet the criteria of the GDPR, i.e. to be a clear and precise legal standard whose … data pertaining to a special category of data under the GDPR (health data). The temperature checks were mainly based …
16 April 2021
… on the EDPB website. Opinion 14/2021 is based on the GDPR and assesses both general data protection aspects and … on the EDPB website. Opinion 14/2021 is based on the GDPR and assesses both general data protection aspects and …
6 February 2025
… data. This was because, contrary to the indications of the GDPR the controller had not carried out an adequate risk … so that the processing meets the requirements of the GDPR and protects the rights of data subjects (point I(b) of … to comply with the principle of accountability under the GDPR (Article 5(2)) both before and after the incident. At …
6 February 2025
… bank has failed to comply with its obligations under the GDPR after the personal data of a group of customers was … secrets does not exempt from the application of the GDPR. Decision The President of the Personal Data … 928 498,06 € on mBank for infringement of Article 34 of the GDPR. The fine amount represents 24 thousandths of one per …
13 July 2020
… breach or mitigate its adverse effects (Art. 33 (3) (d) GDPR) The company hired a forensics firm to identify network … or public com- munication (Art. 34 (1) or Art. 34 (3) (c) GDPR) The concerned data subjects were informed of the … incident occurred, e.g. encryption (Arti- cle 34 (3) (a) GDPR) - 3 - The stolen passwords were hashed with PBKDF2-SHA …
7 May 2025
… fine of 60 000 € for infringement of Article 38(3) of the GDPR and a fine of 72 000 € for infringement of Articles 30(1), 35(1,7) of the GDPR. Total amount of imposed fine on Toyota Bank Polska … fine of 60 000 € for infringement of Article 38(3) of the GDPR and a fine of 72 000 € for infringement of Articles …
11 May 2020
… of Article 56.1 of the General Data Protection Regulation (GDPR). lodged a complaint with the CNIL regarding the … in accordance with the provisions of Article 58.2.b) of the GDPR. Indeed, has to ensure and be able to demonstrate that … manner in relation to them (Articles 5.1.a) and 5.2 GDPR). In addition, pursuant to Articles 17.1 and 21.1 GDPR, …
14 October 2021
… obligations under data protection law (Article 12, 13 GDPR) through this procedure, as the customers were not … permissible at all. This is not explicitly regulated in the GDPR; there are no clear legal requirements in this respect. … obligations under data protection law (Article 12, 13 GDPR) through this procedure, as the customers were not …