19 June 2020
… answer to the request of the plaintiff (Article 15 GDPR), did not respond within the deadline set by the GDPR (Article 12.3 GDPR) and was not sufficiently transparent (Article 12.1 …
24 January 2023
… instructed the IE DPA to add an infringement of Art. 6(1) GDPR. Additionally, the EDPB instructed the IE DPA to … of the principle of fairness under Art. 5(1)(a) GDPR. The EDPB further decided that the IE DPA must carry … it processes special categories of personal data (Art. 9 GDPR); whether it processes data for the purposes of …
26 January 2023
… The principle of accountability (Article 5(2) of the GDPR), lawfulness of processing (Article 6(1) of the GDPR) Summary of the Decision Origin of the case The … of such measures must comply with the requirements of the GDPR. In the light of the principle of accountability …
14 January 2020
… as a controller had complied with the requirements of the GDPR and that its internal policies and regulations provided … had a legal right under Articles 5(1) and 6(1)(f) of the GDPR to carry out an internal investigation searching and … in his corporate PC. Following the finding that the GDPR had been infringed, the Authority decided in this …
26 April 2024
… municipality of Garðabær infringed multiple Articles of the GDPR with its use of Google’s educational system i.e.: … accordance with the Regulation (Articles 5, 24(1) & 28(1) GDPR) Data processing agreement did not meet the minimum requirements (Article 28(3)(a) GDPR) Failure to ensure that data is not further processed …
… meeting the European Data Protection Board endorsed the GDPR related WP29 Guidelines: Guidelines on consent under … 9/2022 on personal data breach notification under GDPR Guidelines on the right to data portability under … records of processing activities pursuant to Article 30(5) GDPR Working Document Setting Forth a Co-Operation Procedure …
29 November 2019
… mentioned in Article 83 paragraph (5) letter a) of GDPR – fine in the amount of 2389.05 lei, the equivalent of … mentioned in Article 83 paragraph (5) letter b) of GDPR – reprimand; for the contravention found pursuant to … mentioned in Article 83 paragraph (4) letter a) of GDPR – reprimand. The sanctions were imposed following a …
12 October 2020
… of the concept, which will help streamline future Art. 65 GDPR procedures. Within the cooperation mechanism set out by the GDPR, the supervisory authorities (SAs) have a duty to … to reach consensus”. According to Article 60(3) and (4)GDPR, the lead supervisory authority (LSA) is required to …
15 September 2022
… Ireland Limited (Meta IE)) and has issued a record GDPR fine of €405 million. The LSA’s final decision follows … second highest fine since the entry into application of the GDPR - it is also the first EU-wide decision on children’s … EDPB’s binding decision was adopted on the basis of Art. 65 GDPR, after the Irish DPA as lead supervisory authority …
17 January 2025
… protection . EDPB clarifies the use of pseudonymisation for GDPR compliance The GDPR introduces the term ‘pseudonymisation’* and refers to … to use legitimate interests as a legal basis (Art. 6(1)(f) GDPR), as long as all other GDPR requirements are met. …
20 October 2022
… Lawfulness of processing of personal data (article 6 of the GDPR), Rights of individuals (articles 12, 15 and 17 of the GDPR), Cooperation with supervisory authority (article 31 of the GDPR) Decision: Infringement of the GDPR, Administrative …
15 June 2023
… Key Findings The French SA found five breaches of the GDPR: Failure to demonstrate that the person has given consent (Article 7.1 GDPR) Failure to comply with the obligation of information and transparency (Articles 12 and 13 GDPR) Failure to respect the right of access (Article 15.1 …
13 December 2019
… 12 and 13 of the General Data Protection Regulation (GDPR); the infringement of Article 5 paragraph (1) letter c), Article 6 and Article 7 of GDPR; the infringement of Article 5 paragraph (1) letter c), Article 9 and Article 7 of GDPR; the infringement of Article 5 paragraph (1) letters …
17 May 2024
… The Guide provides practical information to SMEs about GDPR compliance and benefits in an accessible and easily … Guide for small business covers various aspects of the GDPR, from data protection basics, to data subject rights … practical materials to help SMEs on their way to become GDPR compliant In the near future, the Guide will become …
29 November 2022
… Legal Reference: 1. Articles 5(1)(f) and 32(1) of the GDPR 2. Article 5(1), Article 32(1), Article 33(1) of the GDPR 3. Article 15, Article 13, Article 12 of the GDPR 4. Article 5(1)(f) and 32(1), Article 24 and 30(1), …
23 April 2025
… application of the General Data Protection Regulation (GDPR) across Europe. To support understanding and … across Europe, ensure consistent enforcement of the GDPR, and address emerging challenges, including … The number of consistency opinions adopted under Art. 64(2) GDPR significantly increased. In 2024, the Board adopted …
6 July 2022
… TotalEnergies Électricité et Gaz France Legal Reference: GDPR: Right of access (Article 15), Right to object (Article … prospection (Article L.34-5). Decision: Infringement of the GDPR, infringement of the French Postal and Electronic … French Post and Electronic Communications Code or CPCE). GDPR: Failure to comply with the obligation to inform …
7 February 2023
… Legal references: Article 83 (1- 3) and (4) (a) and (5) (a) GDPR (General conditions for imposing administrative fines), Article 28 (1) (3) and (9) GDPR (Processor), Article 33 (1) GDPR (Notification of a personal data breach to the …
11 December 2019
… Session, the EDPB adopted the following documents: Art. 64 GDPR Opinion on Accreditation Requirements for Codes of … Right to be Forgotten in the search engine cases under the GDPR” (part 1) … During its December Plenary Session, the EDPB adopted the following documents: Art. 64 GDPR Opinion on Accreditation Requirements for Codes of …
16 September 2022
… Reference: data retention periods (Article 5.1.e of the GDPR), security of personal data (Article 32 of the GDPR) Decision: infringement of the GDPR, Administrative fine Key words: website, data retention …