Search results | European Data Protection Board

EDPBI:EE:OSS:D:2021:289
4 November 2021
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Keywords Personal data breach Data security Fraud Third party access to personal …
EDPBI:FR:OSS:D:2021:181
6 January 2021
Decision by the SA
… and modalities for the exercise of the rights of the data subject) Article 32 (Security of processing) Keywords Personal data breach Data security Password Data subject rights …
Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications
28 January 2020
Guidelines
… Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility … reference: 1/2020 Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility … Guidelines Topics: New Technology e-Privacy The European Data Protection Board welcomes comments on the Guidelines …
Poland SAs list of the kind of processing operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR)
26 July 2019
Decision by the SA
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision Type SA Poland 26 July 2019 Data Protection Impact Assessment (DPIA) Poland DPIA List …
EDPB requests that Irish SA amends WhatsApp decision with clarifications on transparency and on the calculation of the amount of the fine due to multiple infringements
2 September 2021
News
… the draft decision of the IE SA already identified a severe breach of Art. 12-13-14 GDPR. The EDPB identified additional … Art. 5(1)(a) GDPR . Regarding WhatsApp IE’s collection of data of non-users - when users decide to use the Contact … IE does not lead to anonymisation of the collected personal data. Regarding the imposed fine and the calculation of the …
EDPBI:NO:OSS:D:2024:1408
20 August 2024
… and modalities for the exercise of the rights of the data subject) Article 13 (Information to be provided where personal data are collected from the data subject) Keywords … Privacy statement International transfer Personal data breach Right to erasure Outcome No sanction …
EDPBI:CZ:OSS:D:2019:28
11 July 2019
… Article 5 (Principles relating to processing of personal data) Article 6 (Lawfulness of processing) Keywords Consumer … 1/11 THE OFFICE FOR PERSONAL DATA PROTECTION Pplk. Sochora 27, 170 00 Prague 7, Czech … the above conclusion in itself does not mean that the is in breach of the rules stipulated by Regulation (EU) 2016/679, …
EDPBI:NL:OSS:D:2024:1534
13 November 2024
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 5 (Principles relating to processing of personal data) Keywords Consumer protection Outcome …
Guidelines 2/2020 on articles 46 (2) (a) and 46 (3) (b) of Regulation 2016/679 for transfers of personal data between EEA and non-EEA public authorities and bodies
15 December 2020
Guidelines
… 46 (3) (b) of Regulation 2016/679 for transfers of personal data between EEA and non-EEA public authorities and bodies … 46 (3) (b) of Regulation 2016/679 for transfers of personal data between EEA and non-EEA public authorities and bodies … if one of the parties becomes aware of a personal data breach, it will inform the other party (ies) as soon as …
Support Pool of Experts (SPE) Programme
… . The main objective of this programme is to help European Data Protection Authorities (DPAs) increase their capacity to supervise and enforce data protection rules by developing common tools and giving … biometrics including facial recognition DPIA, personal data breaches, risk management Fintech IT auditing, information …
Opinion 05/2021 on the draft Administrative Arrangement for the transfer of personal data between the Haut Conseil du Commissariat aux Comptes (H3C) and the Public Company Accounting Oversight Board (PCAOB)
2 February 2021
Opinion of the Board (Art. 64)
… Administrative Arrangement for the transfer of personal data between the Haut Conseil du Commissariat aux Comptes … Administrative Arrangement for the transfer of personal data between the Haut Conseil du Commissariat aux Comptes … data”, “processing of personal data”, “personal data breach”, “right of access” and “right of erasure”. 3 …
EDPBI:MT:OSS:D:2019:60
10 October 2019
… Information and Data Protection Commissioner Vs COMPLAINT Reference is made … received from the Berlin Commissioner for Data Protection and Freedom of Information (the "concerned … who is alleging that ("the controller" or " ") breached his data protection rights, as enshrined under the …
EDPBI:FR:OSS:D:2021:310
30 December 2021
… Article 5 (Principles relating to processing of personal data) Article 13 (Information to be provided where personal data are collected from the data subject) Article 17 (Right … be informed Right to erasure Data retention Personal data breach Data security Password Outcome Administrative fine …
EDPBI:BG:OSS:D:2023:1066
13 September 2023
… Article 5 (Principles relating to processing of personal data) Article 25 (Data protection by design and by default) Article 28 … fine Data protection by design and by default Personal data breach Processor Responsibility of the controller Outcome …
Draft administrative arrangement following EDPB opinion 04/2019 for the transfer of personal data between each of the European Economic Area (“EEA”) Authorities set out in Appendix A and each of the non-EEA Authorities set out in Appendix B
7 January 2019
Other
… following EDPB opinion 04/2019 for the transfer of personal data between each of the European Economic Area (“EEA”) … administrative arrangement for the transfer of personal data between Each of the European Economic Area (“EEA”) … social identity of that natural person; (e) “personal data breach” means a breach of data security leading to the …
Romanian Supervisory Authority fine against Hora Credit IFN S.A.
10 December 2019
News
… the infringement of certain provisions of General Data Protection Regulation (GDPR). The controller was … Hora Credit IFN SA sent documents containing the personal data of another person to the e-mail address. Although this … risks and notification of the ANSPDCP in case of a security breach, under the conditions provided by Article 33 …
Dutch DPA imposes fine of €525,000 on Locatefamily.com
12 May 2021
News
… on Locatefamily.com 12 May 2021 Netherlands The Dutch Data Protection Authority (DPA) has imposed a fine of … in the EU. The lack of a representative in the EU is a breach of the General Data Protection Regulation (GDPR) and is the reason the fine … The Dutch Data Protection Authority (DPA) has imposed a fine of …
Facial recognition at airports: individuals should have maximum control over biometric data
24 May 2024
Press releases
… individuals should have maximum control over biometric data 24 May 2024 EDPB Brussels, 24 May - During its latest … Article 64(2) Opinion, following a request from the French Data Protection Authority, addresses a matter of general … Consistency New Technology Cybersecurity and data breach …
EDPBI:FR:OSS:D:2023:802
8 June 2023
… Article 5 (Principles relating to processing of personal data) Article 6 (Lawfulness of processing) Article 9 (Processing of special categories of personal data) Article 12 (Transparent information, communication and … of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Administrative …
EDPB contributes to the LED evaluation and adopts recommendations on the application for Processor BCR
19 January 2026
Press releases
… of this, the Commission gathered the views of the European Data Protection Authorities (DPAs) on the application and … evaluations to ensure that the LED continues to uphold high data protection standards in the law enforcement context.” … advised competent national authorities on mitigating data breaches, while many DPAs have also carried out …