30 June 2022
… (Articles 44 and 46). Decision: infringement of the GDPR; order to comply; order to suspend data flows to U.S.; … data transfers despite their being in violation of the GDPR. Key Findings: The Italian SA found that Caffeina … be transferred to the U.S. in violation of Chapter V of the GDPR, since the measures adopted by Google to supplement the …
7 December 2023
… adopted an order imposing a temporary ban under Art. 66 (1) GDPR on Meta IE and Facebook Norway AS (“Facebook Norway”) … EDPB concluded that there are ongoing infringements of the GDPR and there is an urgent need to act in light of the … found that there was an ongoing infringement of art. 6 (1) GDPR because of the inappropriate use of the legal bases of …
19 February 2021
… that CAIXABANK had violated Articles 13 and 14 of the GDPR. Following Article 83 (5) b of the GDPR, a fine of 2.000.000 EUR was imposed. When deciding on … that this constituted a breach of Article 6 of the GDPR, and according to Article 83 (5) a of the GDPR, an …
26 January 2021
… fine of NOK 100 000 000 for not complying with the GDPR rules on consent. - Our preliminary conclusion is that … to users. We consider that this was contrary to the GDPR requirements for valid consent. - Grindr is seen as a … magnitude as our findings suggest grave violations of the GDPR. Grindr has 13.7 million active users, of which …
20 May 2021
… During its plenary session, the EDPB adopted two Art. 64 GDPR opinions on the first draft decisions on transnational … guidance and define specific requirements (i.e. Art. 28 GDPR) for processors in the EU subject to these Codes. They … is of the opinion that both draft codes comply with the GDPR and fulfil the requirements set forth in Art. 40 and 41 …
31 October 2019
… 40,000 on a public entity for failure to comply with the GDPR. The reason for imposing the fine was that the mayor of … of the Office concluded that Article 28 (3) of the GDPR had been violated. This provision obliges the … of lawfulness of processing (Article 5(1)(a) of the GDPR) and the principle of confidentiality (Article 5(1)(f) …
24 April 2020
… into the possibility of relying on a derogation of Art. 49 GDPR to enable international flows. The EDPB tackled this … research. In its letter, the EDPB reiterates that the GDPR allows for collaboration between EEA and non-EEA … decisions or appropriate safeguards (included in Article 46 GDPR) should be favoured, according to the EDPB. However, …
6 December 2022
… three dispute resolution decisions on the basis of Art. 65 GDPR concerning Meta Platforms Ireland Limited (Meta IE). … in ensuring the correct and consistent application of the GDPR by the national Supervisory Authorities. The Irish SA … among others, the legal basis for processing (Art. 6 GDPR), data protection principles (Art. 5 GDPR), and the use …
13 October 2021
… Controller: Ferde AS Legal Reference: Processor (ARTICLE 28 GDPR), Security of Processing (ARTICLE 32 GDPR), General principle for transfers (ARTICLE 44 GDPR) Decision: infringement declared and fine imposed Key …
3 September 2019
… non-compliance with the General Data Protection Regulation (GDPR), nonconformity with data subjects rights to erasure … comply with an order issued by the DSI in accordance with GDPR Article 58(2)(c) and (g) and Article 23 of the Personal … with the rights of the data subject in accordance with GDPR Article 17 – data subject right to obtain from the …
13 September 2022
… implementation of the General Data Protection Regulation (GDPR). There are high expectations regarding the GDPR’s success in reining in data protection abuses, … its legal duties at the service of the EDPB and of the GDPR. Should this happen, the enforcement of individuals’ …
22 May 2023
… Authority (IE DPA). This fine, which is the largest GDPR fine ever, was imposed for Meta’s transfers of personal … to bring its data transfers into compliance with the GDPR. Andrea Jelinek, EDPB Chair, said: “The EDPB found that … bring processing operations into compliance with Chapter V GDPR, by ceasing the unlawful processing, including storage, …
… and application of the General Data Protection Regulation (GDPR) . … The EDPB uses a number of approaches and tools to … and application of the General Data Protection Regulation (GDPR) . … Our Work & Tools …
… Authorities (SAs) to settle disputes when they enforce the GDPR. Such disputes may arise when SAs do not reach an … protection of personal data and draft legislation (Art. 70 GDPR). In some instances, the EDPB issues Joint Opinions … Supervisory Authorities on cross border matters (Art. 64 GDPR). If authorities fail to respect an opinion issued by …
… context of scientific research Study on the enforcement of GDPR obligations against entities established outside the EEA but falling under Article 3(2) GDPR Study on the national administrative rules impacting … study on the appropriate safeguards under Article 89(1) GDPR for the processing of personal data for scientific …
20 January 2023
… OÜ Legal Reference: Lawfulness of processing (Article 6 GDPR), Information to be provided where personal data are collected from the data subject (Article 13 GDPR) Decision: precept, … whether it complies with the requirements in the GDPR. Estonian SA evaluated and analysed the documents, that …
12 January 2023
… decisions were adopted on the basis of Art. 65(1)(a) GDPR, after the IE DPA as lead supervisory authority (LSA) … concerning the legal basis for processing (Art. 6 GDPR), data protection principles (Art. 5 GDPR), and the use of corrective measures including fines. …
4 September 2020
… on the concepts of controller and processor in the GDPR and Guidelines on the targeting of social media users. … on the concepts of controller and processor in the GDPR . Since the entry into application of the GDPR, questions have been raised as to what extent the GDPR …
5 May 2022
… Right to erasure (Article 17) Decision: Infringement of the GDPR: article 12.1 and 12.3 GDPR Key words: Search engine - delisting request Summary … Spain case law, the applicability of Article 3.1. of the GDPR (not contested by the Google parties) and the useful …
20 January 2023
… relating to processing of personal data (Article 5 GDPR), Lawfulness of processing (Article 6 GDPR), Conditions for consent (Article 7 GDPR), Transparency and information obligations (Articles 12 …