28 November 2024
… was inconsistent with the applicable provisions of the GDPR, due to an incorrectly conducted risk analysis, which … such as a risk register or confirmations of monitoring of GDPR procedures. However, the rules for using external data … for infringement of Articles 5, 24, 25 and 32 of the GDPR. What is more, appropriate organisational and technical …
5 November 2024
… the Irish Data Protection Authority under Art. 64 (2) GDPR. EDPB Chair Anu Talus said: “During the stakeholder … the Irish Data Protection Authority under Art. 64 (2) GDPR. EDPB Chair Anu Talus said: “During the stakeholder …
13 October 2020
… IP address, refers to Art. 6 para. 1 sentence 1 lit. f GDPR. sees the legitimate interest in the processing of … attacks, in particular to meet the requirements of Art. 32 GDPR and § 13 para. 7 TMG. Furthermore, the method aims at … risks" in the sense of Art. 6 para. 1 sentence 1 lit. f GDPR. 3 III. Legal assessment The Brandenburg Commissioner …
21 March 2019
… the data subjects, pursuant to Article 33-34 of the GDPR. The NAIH launched an administrative control procedure, … regarding to Article 9 (1) and Article 33 (1) of the GDPR and the Hungarian Privacy Act Section 60 (1). DK was on … €) to DK for violating the provisions Article 33-34 of the GDPR because DK did not notify the high risk personal data …
26 November 2021
… of processing (Article 32). Decision: Infringement of the GDPR, Fine Key words: Principles, Lawfulness of processing, … on its own initiative whether the project complied with the GDPR. Key findings In its decision, the Icelandic DPA notes … the processing as well as the multiple infringements of the GDPR. The Ministry of Industries and Innovation was fined …
30 January 2020
… public consultation. The guidelines aim to clarify how the GDPR applies to the processing of personal data when using … devices and to ensure the consistent application of the GDPR in this regard. The guidelines cover both traditional … posed by the use of algorithms, an overview of the relevant GDPR provisions and existing guidelines addressing these …
20 December 2019
… an infringement of the General Data Protection Regulations (GDPR). The ICO launched its investigation into Doorstep … considered the contravention from 25 May 2018, when the GDPR came into effect. Doorstep Dispensaree has also been … Act 2018 (DPA2018), the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000 (FOIA), …
3 November 2021
… of processing (Article 32) Decision: Infringement of the GDPR, Order to comply Key words: Loss of … a violation of Article 5.1.f) and Article 32 of the GDPR, for which the telephone company is responsible. The … of processing (Article 32) Decision: Infringement of the GDPR, Order to comply Key words: Loss of …
1 December 2019
… been made. This is, however, mandatory under Art. 37 (7) GDPR. Violations of this requirement are subject to a fine in accordance with Art. 83 Para. 4 lit. a) GDPR. The fine may sound low at first sight. However, … been made. This is, however, mandatory under Art. 37 (7) GDPR. Violations of this requirement are subject to a fine …
9 June 2020
… supervisory authority has, infringing Article 58.1 of the GDPR. This infringement is typified in Article 83.5(e) of the GDPR and is classified for prescription purposes as very … supervisory authority has, infringing Article 58.1 of the GDPR. This infringement is typified in Article 83.5(e) of …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) Both the document and the entry were deleted. … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The data subjects concerned were informed in writing … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) This was not a technical error. 6. Subsequent measures …
… Processing of Personal Data pursuant to Art. 42 GDPR (‘GDPR – information privacy standard’), Version 0.9.7 Opinion … IT-supported processing of Personal Data pursuant to art 42 GDPR (‘GDPR – information privacy standard’)” presented 2 …
27 January 2023
… that the company did not have the consent required by the GDPR for processing data on body mass indices and maximal … The consent requested did not meet the requirements of the GDPR as it was not specific and informed. The SA finds that … that the company did not have the consent required by the GDPR for processing data on body mass indices and maximal …
21 June 2023
… as follows: Article 5(1)(c) and Article 5(1)(e) of the GDPR The DPC found that Airbnb’s retention of a copy of the … of this complaint in accordance with Article 60(7) of the GDPR. In light of the infringements of Article 5(1)(c) and … a reprimand to Airbnb pursuant to Article 58(2)(b) of the GDPR. In addition, the DPC made the following orders against …
26 March 2019
… their rights under the General Data Protection Regulation (GDPR). Therefore, they had no possibility to object to … the rights we are entitled to in accordance with the GDPR. The decision of the UODO’s President concerned the … the information required under Art. 14 (1) – (3) of the GDPR only in relation to the persons whose e-mail addresses …
20 July 2020
… the provisions of the General Data Protection Regulation (GDPR), where the breach consisted in failure to provide the … tasked with monitoring and enforcing the application of the GDPR. Within the scope of its competences, it conducts inter … proceedings on the application of the provisions of the GDPR. For the performance of its tasks, the supervisory …
12 February 2019
… taken into consideration. Since the EDPB is required by the GDPR (art. 70(4)) to make the results of this consultation … such data, and repealing Directive 95/46/EC (hereinafter “GDPR”), Having regard to the EEA Agreement and in particular … OPINION: 1 INTRODUCTION 1. Regulation 2016/6791 (“the GDPR”) came into effect on 25 May 2018. One of the main …
13 July 2020
… breach or mitigate its adverse effects (Art. 33 (3) (d) GDPR) The company hired a forensics firm to identify network … or public com- munication (Art. 34 (1) or Art. 34 (3) (c) GDPR) The concerned data subjects were informed of the … incident occurred, e.g. encryption (Arti- cle 34 (3) (a) GDPR) - 3 - The stolen passwords were hashed with PBKDF2-SHA …
16 May 2022
… processing - article 32(1). Decision: infringement of the GDPR, administrative fine, order subject to a financial … infringements of the General Data Protection Regulation (GDPR) in its visa-issuing process. In addition to imposing a … processing - article 32(1). Decision: infringement of the GDPR, administrative fine, order subject to a financial …
30 April 2025
… breach to the data subject) Decision: infringement of the GDPR, administrative fines imposed Key words: access … default, in conjunction with Articles 32, 33, and 34 of the GDPR, as well as an administrative fine of EUR 20,000 for … breach to the data subject) Decision: infringement of the GDPR, administrative fines imposed Key words: access …