28 December 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
12 May 2022
… EDPB Annual Report 2021: Enhancing the depth and breadth of data protection 12 May 2022 EDPB Today, Andrea Jelinek, Chair of the European Data Protection Board (EDPB) presented the EDPB Annual … and recommendations on topics such as personal data breach notifications, connected vehicles and virtual voice …
21 June 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
24 March 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
14 January 2022
… Legal Reference: Principles (Art. 5(1)(f), Art. 5(2)), Data protection by design and by default (Art. 25(1)), … fine issued Key words: principles, processing, security, data protection Summary of the Decision Origin of the … after the Polish Data Protection Authority received a data breach notification. As it was indicated, an unauthorized …
16 December 2019
… and modalities for the exercise of the rights of the data subject) Article 13 (Information to be provided where personal data are collected from the data subject) Article 14 (Information to be provided where … Nationale de l’Informatique et des Libertés (French Data Protection Authority), Having regard to Treaty no. 108 …
3 February 2023
… National case Controller: DISCORD INC. Legal Reference: Data retention periods (article 5.1.e of the GDPR), Information to individuals (article 13 of the GDPR), Data protection by default (article 25.2 of the GDPR), … public. The amount of the fine was decided regarding the breaches identified, the number of people concerned, but …
23 January 2025
… spite of user consent withdrawal (Article 82 of the French Data Protection Act) Decision: Infringement of the French … Electronic Communications Code, Infringement of the French Data Protection Act, Administrative fine Key words: … spite of user consent withdrawal Decision For these two breaches, the restricted committee decided to impose a …
21 January 2019
… the company GOOGLE LLC, in accordance with the General Data Protection Regulation (GDPR), for lack of transparency, … ads personalization. On 25 and 28 May 2018, the National Data Protection Commission (CNIL) received group complaints … the CNIL’s restricted committee responsible for examining breaches of the Data Protection Act observed two types of …
11 February 2021
… fine to Coop Finnmark 11 February 2021 Norway The Norwegian Data Protection Authority has issued a fine in the amount of … in this case. Lacked legal basis All processing of personal data requires a legal basis in order to be lawful. After … explains. This case was reported as a personal data breach notification from Coop Finnmark AS on April 10th …
16 September 2025
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 13 (Information to be provided where … scrive a Confcommercio: attenzione agli abusi - Data breach, il Garante sanziona Poste Vita per 80mila euro - …
28 July 2020
… Article 5 (Principles relating to processing of personal data) Article 12 (Transparent information, communication and modalities for the exercise of the rights of the data subject) Article 13 (Information to be provided where personal data are collected from the data subject) Article 14 …
1 February 2024
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 26 … or together with others - the goals and means of data processing, i.e. who (the Slovak school or the … Therefore, the Hungarian SA found that the Foundation breached Article 26(1) GDPR. Decision Based on Article …
20 January 2023
… Reference: Principles relating to processing of personal data (Article 5(1)(a)(e); Lawfulness of processing (Article … and modalities for the exercise of the rights of the data subject (Article 12); Information to be provided where … failure to designate a representative in the EU in breach of Article 27(4); failure to carry out a DPIA with …
15 September 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Outcome No sanction decision.pdf …
3 February 2025
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Outcome No sanction 1619_redacted.pdf 65KB …
24 November 2021
… Reference: Principles relating to processing of personal data (article 5), Legal basis (Article 6) Decision: Infringement of the GDPR Key words: Income Data, Lack of Procedures, Special Categories of Data … and national insurance. The Norwegian SA concluded that SPK breached the fundamental principles for the processing of …
3 July 2025
… meeting in Helsinki on 1–2 July 2025, the European Data Protection Board (EDPB) adopted a landmark Statement on … and concise guidance and ready-to-use tools, like a common data breach notification template, checklists, how-tos and FAQs, … meeting in Helsinki on 1–2 July 2025, the European Data Protection Board (EDPB) adopted a landmark Statement on …
30 May 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 32 (Security of processing) Keywords Data security Sensitive data Personal data breach Outcome No …
7 August 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Encryption Notification of personal data breach Outcome Dismissal/Rejection of the case Decision …