20 July 2020
… the provisions of the General Data Protection Regulation (GDPR), where the breach consisted in failure to provide the … tasked with monitoring and enforcing the application of the GDPR. Within the scope of its competences, it conducts inter … proceedings on the application of the provisions of the GDPR. For the performance of its tasks, the supervisory …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) Both the document and the entry were deleted. … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The data subjects concerned were informed in writing … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) This was not a technical error. 6. Subsequent measures …
12 February 2019
… taken into consideration. Since the EDPB is required by the GDPR (art. 70(4)) to make the results of this consultation … such data, and repealing Directive 95/46/EC (hereinafter “GDPR”), Having regard to the EEA Agreement and in particular … OPINION: 1 INTRODUCTION 1. Regulation 2016/6791 (“the GDPR”) came into effect on 25 May 2018. One of the main …
16 May 2022
… processing - article 32(1). Decision: infringement of the GDPR, administrative fine, order subject to a financial … infringements of the General Data Protection Regulation (GDPR) in its visa-issuing process. In addition to imposing a … processing - article 32(1). Decision: infringement of the GDPR, administrative fine, order subject to a financial …
30 April 2025
… breach to the data subject) Decision: infringement of the GDPR, administrative fines imposed Key words: access … default, in conjunction with Articles 32, 33, and 34 of the GDPR, as well as an administrative fine of EUR 20,000 for … breach to the data subject) Decision: infringement of the GDPR, administrative fines imposed Key words: access …
12 July 2019
… taken into consideration. Since the EDPB is required by the GDPR (art. 70(4)) to make the results of this consultation … such data, and repealing Directive 95/46/EC, (hereinafter “GDPR”), Having regard to the EEA Agreement and in particular … or even the risks of misuse. The general principles in GDPR (Article 5), should always be carefully considered when …
7 October 2019
… of accuracy) of the General Data Protection Regulation (GDPR). It therefore imposed an administrative fine of EUR … for direct marketing purposes (Article 21 (3) of the GDPR) as well as Article 25 (data protection by design) of the GDPR and imposed an administrative fine of EUR 200.000 on …
20 May 2022
… 12(1), 13, 21(1), 21(2), 24(1), 25(1), and 25(2) of the GDPR, Order to comply with the above Articles, Imposing … the serious infringement of numerous articles of the GDPR for a long period, ordered the data controller to stop … continue the data processing if made compliant with the GDPR, and issued an administrative fine in HUF equal to …
31 October 2019
… b), Article 6 paragraph (1) letter a) and Article 7 of the GDPR , which led to imposing an administrative fine in the … consent, under the conditions provided by Article 7 of the GDPR, for a number of 4357 users , for which it processed … context, we emphasize that according to Article 7 of the GDPR, if the processing is based on consent, the controller …
7 September 2022
… Minimisation (Article 5.1.c) Decision: Infringement of the GDPR; Reprimand; Order to bring the processing operations into compliance with the GDPR Key words: Lawfulness; Purpose limitation; Data … to bring the processing operation into compliance with the GDPR by no longer requiring the conduct of a social and …
8 May 2020
… attention. The Board underlines that, according to the GDPR, personal data, such as names and addresses, and … data.” However, the EDPB stresses that enforcement of the GDPR lies with the national supervisory authorities. The … In the first instance, the assessment of alleged GDPR infringements falls within the competence of the …
16 May 2023
… from May 25, 2018 until today. Contrary to Article 28 the GDPR, the data controller did not conclude a contract on … personal data , which is contrary to Article 32.2 of the GDPR. Due to not undertaking appropriate measures, the … EUR due to violations of Articles 13, 28 and 32 of the GDPR. For further information: Agenciji za naplatu …
21 May 2025
… consent, in compliance with the requirements of the GDPR, which would have formed the basis for the prospecting … to processing of his or her personal data (Article 7 of the GDPR): The company failed to provide the French SA with … Code (CPCE) and the General Data Protection Regulation (GDPR) regarding the collection and proof of consent. It …
13 July 2020
… breach or mitigate its adverse effects (Art. 33 (3) (d) GDPR) The company hired a forensics firm to identify network … or public com- munication (Art. 34 (1) or Art. 34 (3) (c) GDPR) The concerned data subjects were informed of the … incident occurred, e.g. encryption (Arti- cle 34 (3) (a) GDPR) - 3 - The stolen passwords were hashed with PBKDF2-SHA …
6 February 2025
… a broad extent, should have a legal basis. In turn, the GDPR clearly provides (in Article 6(1)) that the processing … are under special protection, according to Article 9 of the GDPR. It should be emphasised that the National Public … how it should - in accordance with the provisions of the GDPR - notify the person whose data has been affected by the …
16 April 2021
… on the EDPB website. Opinion 14/2021 is based on the GDPR and assesses both general data protection aspects and … on the EDPB website. Opinion 14/2021 is based on the GDPR and assesses both general data protection aspects and …
31 October 2019
… with Article 32 paragraph (1) and paragraph (2) of the GDPR , which led to imposing an administrative fine in the … with Article 32 paragraph (1) and paragraph (2) of the GDPR , as well as of Article 33 paragraph (1) of the GDPR, which led to imposing an administrative fine in the …
14 February 2019
… taken into consideration. Since the EDPB is required by the GDPR (art. 70(4)) to make the results of this consultation … in accordance with the legal requirements provided by the GDPR and, where applicable, by national legislation. 2 SCOPE … of processing operations of controllers under the GDPR without specifying further the area of application …
11 May 2020
… of Article 56.1 of the General Data Protection Regulation (GDPR). lodged a complaint with the CNIL regarding the … in accordance with the provisions of Article 58.2.b) of the GDPR. Indeed, has to ensure and be able to demonstrate that … manner in relation to them (Articles 5.1.a) and 5.2 GDPR). In addition, pursuant to Articles 17.1 and 21.1 GDPR, …
2 May 2024
… HELLENIC POST SERVICES S.A. Decision: Infringement of the GDPR, administrative fine Key words: non-compliance with … Hellenic Supervisory Authority (SA), in accordance with the GDPR. The first incident involves a breach of data … HELLENIC POST SERVICES S.A. Decision: Infringement of the GDPR, administrative fine Key words: non-compliance with …