11 November 2020
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
20 January 2023
… Reference: Principles relating to processing of personal data (Article 5(1)(a)(e); Lawfulness of processing (Article … and modalities for the exercise of the rights of the data subject (Article 12); Information to be provided where … failure to designate a representative in the EU in breach of Article 27(4); failure to carry out a DPIA with …
7 November 2019
… with Article 32 paragraphs (1) and (2) of the General Data Protection Regulation. The investigation was carried out as a result of a data breach notification of the supervisory authority by SC …
14 January 2022
… Legal Reference: Principles (Art. 5(1)(f), Art. 5(2)), Data protection by design and by default (Art. 25(1)), … fine issued Key words: principles, processing, security, data protection Summary of the Decision Origin of the … after the Polish Data Protection Authority received a data breach notification. As it was indicated, an unauthorized …
24 February 2020
… 46 (3) (b) of Regulation 2016/679 for transfers of personal data between EEA and non-EEA public authorities and bodies … 46 (3) (b) of Regulation 2016/679 for transfers of personal data between EEA and non-EEA public authorities and bodies … if one of the parties becomes aware of a personal data breach, it will inform the other party (ies) as soon as …
12 July 2019
… Guidelines 3/2019 on processing of personal data through video devices Guidelines 3/2019 on processing of personal data through video devices The European Data Protection … A company is experiencing difficulties with security breaches in their public entrance and is using video …
17 July 2025
… Article 9 (Processing of special categories of personal data), Article 83 (General conditions for imposing … fines) Decision: Administrative fine Key words: Personal data breach, Sensitive data, Administrative fine, Data retention, …
11 February 2021
… fine to Coop Finnmark 11 February 2021 Norway The Norwegian Data Protection Authority has issued a fine in the amount of … in this case. Lacked legal basis All processing of personal data requires a legal basis in order to be lawful. After … explains. This case was reported as a personal data breach notification from Coop Finnmark AS on April 10th …
18 December 2024
… Article 5 (Principles relating to processing of personal data) Article 24 (Responsibility of the controller) Article … of processing) Article 34 (Communication of a personal data breach to the data subject) Keywords Principles …
12 February 2019
… Administrative Arrangement for the transfer of personal data between European Economic Area (“EEA”) Financial … 8 adopted 3 The European Data Protection Board Having regard to Article 63, Article … such as “personal data”, “processing”, “personal data breach”, “right of access”, “right of erasure” which are in …
6 September 2023
… Article 5 (Principles relating to processing of personal data), Article 12 (Transparent information, communication, … and modalities for the exercise of the rights of the data subject), Article 13 (Information to be provided where … system, unfairly and in an untransparent manner, in breach of Article 5(1)(a), and had not informed the data …
15 May 2020
… Danish recruitment company 15 May 2020 Denmark The Danish Data Protection Authority considers that in a case on the … JobTeam has not met the basic requirements of the General Data Protection Regulation (GDPR) that personal data must be … It is the view of the Danish Data Protection Agency that a breach of the fundamental principles of the regulation …
13 May 2021
… of Asker fined 13 May 2021 Norway The Norwegian Data Protection Authority has fined Asker municipality EUR … Municipality was fined for publishing confidential personal data and National Identity Numbers (NID) on its website. The municipality has breached the data protection regulations requirements …
25 September 2025
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 28 … processing), Article 33 (Notification of a personal data breach to the supervisory authority) Decision: …
3 January 2024
… 2023 Cross-border case Hungarian National Authority for Data Protection and Freedom of Information (Hungarian … Supervisory Authority, SA) and CSAs: Office for Personal Data Protection of the Slovak Republic (Slovak Supervisory … respective responsibilities. , The Foundation was found in breach of Article 26(1) of the GDPR, as the cooperation …
25 November 2019
… Communications SA was sanctioned with a reprimand for the breach of provisions of Article 32 paragraph (1) letter b) … Communications SA could not prove the accuracy of the data processed, which led to the violation of the basic principle for data processing provided by Article 5 paragraph (1) letter …
12 May 2023
… Infringement of the GDPR, Order to erase complainant’s data, Order to name an Article 27 representative Key words: Facial recognition; biometric data Summary of the Decision Origin of the case … The permanent storage of personal data also constitutes a breach of data minimisation principle. Article 9(1): The …
… taken by, and involving, different SAs relating to specific data subject rights. The projects are conducted by external … One-Stop-Shop case digest on Security of Processing and Data Breach Notification 18 January 2024 Publication Type: …
1 February 2021
… known by mothers and fathers-to-be in Belgium, for various breaches of the GDPR. Family Service is a marketing company … lodged at the DPA alleging the company transferred personal data to third parties, including data brokers, without valid consent on the part of the …
28 November 2024
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Article 5 (Principles relating to processing of personal data) Decision: Administrative fine, Compliance order Key … Administrative fine, Data subject rights, Personal data breach, Principles relating to processing of personal data, …