Search results | European Data Protection Board

The Belgian Data Protection Authority imposes two new fines
28 November 2019
News
… The Belgian Data Protection Authority imposes two new fines 28 November 2019 … has imposed a fine of €5000 on a mayor and a municipal officer in two separate cases. These fines were imposed …
Polish SA: administrative fine of EUR 1 170 for Social Welfare Centre and EUR 2 341 EUR for Mayor of Aleksandrów for ignoring the risk of ransomware attack
25 September 2025
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 28 …
European Data Protection Board - Sixth Plenary session: Privacy Shield, Brexit, clinical trials Q&A, DPIA lists, guidelines on certification, EDPB answer to Australian SA on data breach notification
24 January 2019
Press releases
… European Data Protection Board - Sixth Plenary session: Privacy Shield, … on certification, EDPB answer to Australian SA on data breach notification 24 January 2019 EDPB Brussels, 24 January - On January 22nd and 23rd, the European Data Protection Authorities, assembled in the European Data …
Polish SA: administrative fine of EUR 4 022 773 for McDonald’s Polska sp. z o.o. and EUR 43 680 for 24/7 Communication Sp. z o.o. for negligence in risk analysis and safeguards
25 September 2025
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 28 … data subject), Article 38 (Position of the data protection officer) Decision: Administrative fine Key words: …
The Polish supervisory authority imposed first administrative fine on a public entity
31 October 2019
News
… entity 31 October 2019 Poland The President of the Personal Data Protection Office (“The President of the Office”) imposed … was that the mayor of the city did not conclude a personal data processing agreement with the entities to which he …
Polish SA: administrative fine of 262 500 € for hidden video surveillance in neonatology department and failure to implement appropriate security measures
2 May 2025
News
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 13 (Information to be provided where … 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security …
Minors: Italian SA sanctions nursery school. Cameras installed without safeguards and photos of children published online
18 November 2025
News
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 7 … are collected from the data subject), Article 35 (Data protection impact assessment), Article 37 (Designation of the data protection officer), Article 38 (Position of the data protection …
CEF 2025: EDPB selects topic for next year’s Coordinated Action
10 October 2024
News
… 10 October - During its October 2024 plenary, the European Data Protection Board (EDPB) selected the topic for its fourth … sector, the designation and position of Data Protection Officers and the implementation of the right of access by …
Administrative fine imposed on the Finnish Motor Insurers’ Centre for the collection of unnecessary patient information
8 February 2022
News
… Lawfulness, fairness and transparency (Art. 5(1)(a)), data minimisation (Art. 5(1)(c)), data protection by design and by default (Art. 25(2)) …
Polish DPA fines Surveyor General of Poland: Full inspection must be carried out
20 July 2020
News
… be carried out 20 July 2020 The President of the Personal Data Protection Office (UODO), after having conducted an … protection, and whether GGK has appointed a Data Protection Officer. Unfortunately, due to the lack of access by the …
Polish DPA Fines ENEA S.A.: A data breach must be notified to the supervisory authority
11 January 2021
News
… Polish DPA Fines ENEA S.A.: A data breach must be notified to the supervisory authority 11 … 000) on ENEA S.A. company for failing to notify a personal data breach. The Personal Data Protection Office (UODO) received information about the …
EDPB publishes CSC biannual report and work programme 2025-2026
13 February 2025
News
… Information System (IMI) transparency obligations for data controllers . In addition, in July 2023, the CSC … ‘Europol’s information systems - a guide for exercising data subjects’ rights: the right of access, rectification, … programme 2025-2026 . To ensure a continuous high level of protection of individuals’ rights, the Committee will …
EDPB Response to Ailidh Callander, Legal Officer (Privacy International)
18 June 2020
Letters
… EDPB Response to Ailidh Callander, Legal Officer (Privacy International) 18 June 2020 Letters EDPB … … national supervisory authorities. The role of the European Data Protection Board is to ensure the consistent application of …
ICO statement: Intention to fine Marriott International, Inc more than £99 million under GDPR for data breach
9 July 2019
News
… International, Inc more than £99 million under GDPR for data breach 9 July 2019 United Kingdom Statement in response … Office (ICO) intends to fine it for breaches of data protection law. Following an extensive investigation …
Polish SA: administrative fine of 81 000 € for failure to implement appropriate technical and organisational measures to ensure security
6 February 2025
News
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security … Article 5 (Principles relating to processing of personal data), Article 28 (Processor), Article 34 (Communication of …
Legal Framework - Coordinated Supervision Committee
… of 23 October 2018. Article 62 provides that the European Data Protection Supervisor (EDPS) and the national supervisory … coordinating the supervision of the processing of personal data in an EU large scale IT system or body, office or …
Europe Day 2021
7 May 2021
News
… a special webpage. Check it out here to learn more about data protection and privacy in the EU. For more information … a special webpage. Check it out here to learn more about data protection and privacy in the EU. For more information …
Polish SA fines controller EUR 5300 for failure to implement appropriate security measures
20 April 2023
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security … of more than 5 300 EUR (23 580 PLN) on the Disciplinary Officer of the Bar Association for breaching the provisions …
ICO statement: Intention to fine British Airways £183.39m under GDPR for data breach
8 July 2019
Press releases
… Intention to fine British Airways £183.39m under GDPR for data breach 8 July 2019 United Kingdom Following an … British Airways £183.39M for infringements of the General Data Protection Regulation (GDPR). The proposed fine relates to a …
Polish SA: administrative fine of 5 625 € for failure to implement appropriate technical and organisational measures to ensure security
6 February 2025
News
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security … Article 5 (Principles relating to processing of personal data) Decision: Administrative fine, Compliance order Key …