11 February 2021
… fine to Coop Finnmark 11 February 2021 Norway The Norwegian Data Protection Authority has issued a fine in the amount of … in this case. Lacked legal basis All processing of personal data requires a legal basis in order to be lawful. After … explains. This case was reported as a personal data breach notification from Coop Finnmark AS on April 10th …
16 September 2025
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 13 (Information to be provided where … scrive a Confcommercio: attenzione agli abusi - Data breach, il Garante sanziona Poste Vita per 80mila euro - …
1 February 2024
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 26 … or together with others - the goals and means of data processing, i.e. who (the Slovak school or the … Therefore, the Hungarian SA found that the Foundation breached Article 26(1) GDPR. Decision Based on Article …
20 January 2023
… Reference: Principles relating to processing of personal data (Article 5(1)(a)(e); Lawfulness of processing (Article … and modalities for the exercise of the rights of the data subject (Article 12); Information to be provided where … failure to designate a representative in the EU in breach of Article 27(4); failure to carry out a DPIA with …
24 November 2021
… Reference: Principles relating to processing of personal data (article 5), Legal basis (Article 6) Decision: Infringement of the GDPR Key words: Income Data, Lack of Procedures, Special Categories of Data … and national insurance. The Norwegian SA concluded that SPK breached the fundamental principles for the processing of …
3 July 2025
… meeting in Helsinki on 1–2 July 2025, the European Data Protection Board (EDPB) adopted a landmark Statement on … and concise guidance and ready-to-use tools, like a common data breach notification template, checklists, how-tos and FAQs, … meeting in Helsinki on 1–2 July 2025, the European Data Protection Board (EDPB) adopted a landmark Statement on …
4 November 2024
… Decision: Compliance order, Definitive limitation data processing, Administrative fine Key words: CCTV, … business model. Key findings The Slovenian SA found two breaches in the inspection proceeding. First, unlawful CCTV … people or property (violation of Article 78 of the national Data Protection Act). And second, these CCTV footages were …
3 January 2024
… 2023 Cross-border case Hungarian National Authority for Data Protection and Freedom of Information (Hungarian … Supervisory Authority, SA) and CSAs: Office for Personal Data Protection of the Slovak Republic (Slovak Supervisory … respective responsibilities. , The Foundation was found in breach of Article 26(1) of the GDPR, as the cooperation …
15 May 2020
… Danish recruitment company 15 May 2020 Denmark The Danish Data Protection Authority considers that in a case on the … JobTeam has not met the basic requirements of the General Data Protection Regulation (GDPR) that personal data must be … It is the view of the Danish Data Protection Agency that a breach of the fundamental principles of the regulation …
28 July 2020
… Article 5 (Principles relating to processing of personal data) Article 12 (Transparent information, communication and modalities for the exercise of the rights of the data subject) Article 13 (Information to be provided where personal data are collected from the data subject) Article 14 …
15 September 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Outcome No sanction decision.pdf …
3 February 2025
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Outcome No sanction 1619_redacted.pdf 65KB …
30 May 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 32 (Security of processing) Keywords Data security Sensitive data Personal data breach Outcome No …
25 November 2019
… Communications SA was sanctioned with a reprimand for the breach of provisions of Article 32 paragraph (1) letter b) … Communications SA could not prove the accuracy of the data processed, which led to the violation of the basic principle for data processing provided by Article 5 paragraph (1) letter …
7 August 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Encryption Notification of personal data breach Outcome Dismissal/Rejection of the case Decision …
8 March 2023
… of processing) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data breach Data security …
27 January 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Employment Outcome No …
24 April 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Outcome No sanction Decision …
31 March 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Outcome Reprimand Decision 202.5KB Download …
13 June 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Finance Outcome Reprimand …