14 July 2022
… of the rights in the Proposal is not consistent with the GDPR and there is a substantial risk of legal uncertainty … of the different rights between the Proposal and the GDPR.” EDPS Supervisor Wojciech Wiewiórowski said : “ Health … the Commission’s efforts to align the Proposal with the GDPR provisions when personal data is involved, they note …
12 June 2023
… Origin of the case The General Data Protection Regulation, GDPR, entered into force in 2018 and means, among other … information pursuant to article 15.1 a-h and 15.2 of the GDPR that should be provided to the individual making the … violations of articles 12.1, 15.1 a-d, g and 15.2 of the GDPR. IMY has further found that Spotify had failed in its …
29 March 2021
… infringements of the General Data Protection Regulation (GDPR) were imposed on the National Public Health Centre … of Articles 5, 13, 24, 32, 35 and Article 58(2)(f) of the GDPR, and a fine of EUR 3,000 was imposed on the Company for infringements of Articles 5, 13, 24, 32 and 35 of the GDPR. In spring 2020, the DPA started monitoring activities …
15 July 2022
… legitimate interest (Article 6(1)(f) GDPR) Decision: Issuance of warning to controller that … transposing directive 2002/58/EC and Article 6(1)(f) GDPR; Key words: Personalised advertising; legal basis; … user’s consent; warning to controller; Article 58(2)(a) GDPR; Section 154(1)(f) of Italian personal data protection …
21 January 2019
… in accordance with the General Data Protection Regulation (GDPR), for lack of transparency, inadequate information and … as defined in the General Data Protection Regulation (“GDPR”), the CNIL sent these two complaints to its European … assess if it was competent to deal with them. Indeed, the GDPR establishes a “one-stop-shop mechanism” which provides …
14 November 2019
… guidelines aim to provide a common interpretation of the GDPR for EEA Data Protection Authorities when assessing … the territorial scope of the legal framework, as per Art. 3 GDPR. The Guidelines provide further clarification on the application of the GDPR in various situations, for example, where the data …
15 September 2023
… that TikTok Technology Limited (TikTok) infringed the GDPR's principle of fairness when processing personal data … TikTok infringed the principle of fairness under the GDPR. Consequently, the EDPB instructed the IE DPA to … infringement and to order TikTok to comply with the GDPR by eliminating such design practices. The EDPB also …
14 March 2022
… the data subject (Article 13) Decision: Infringement of the GDPR, administrative fine and reprimand Summary of the … right to inspect their own data in accordance with the GDPR or to give a reason for restricting this right. The … Ombudsman issued the company a reprimand for violating the GDPR and ordered it to change its procedure to comply with …
29 June 2021
… and their rights in accordance with Article 13 of the GDPR. Additionally, labels and signs indicating the video … Data Protection and the Processing of Personal Data and the GDPR. Moreover, the data subjects affected by these … personal data merits specific protection according to the GDPR. It was also regarded that employers have a …
27 September 2021
… for the Republic of Korea. The EDPB focused on general GDPR aspects and access by public authorities to personal … of data protection essentially equivalent to that of the GDPR. Such as, for example, the adoption of notifications by … authority (PIPC), which aim to fill the gaps between the GDPR and the Korean data protection framework, like the …
14 July 2022
… This will help Supervisory Authorities (SAs) enforce the GDPR more efficiently, ultimately benefiting and empowering … to the interpretation, application or enforcement of the GDPR; a case related to the intersection of data protection … the scope of the EDPB strategy; a case where the GDPR implies that a high risk can be assumed, such …
13 July 2020
… breach or mitigate its adverse effects (Art. 33 (3) (d) GDPR) The company hired a forensics firm to identify network … or public com- munication (Art. 34 (1) or Art. 34 (3) (c) GDPR) The concerned data subjects were informed of the … incident occurred, e.g. encryption (Arti- cle 34 (3) (a) GDPR) - 3 - The stolen passwords were hashed with PBKDF2-SHA …
24 February 2020
… documents: EDPB Contribution to the evaluation of the GDPR under Article 97 Guidelines on Articles 46 (2) (a) and … documents: EDPB Contribution to the evaluation of the GDPR under Article 97 Guidelines on Articles 46 (2) (a) and …
11 April 2022
… Reference: Article 5 (2) Decision: Infringement of the GDPR Key words: Deletion Summary of the Decision Origin … million EUR) for the infringement of Article 5 (2) of the GDPR. Decision The Danish Supervisory Authority has reported … million EUR) for the infringement of Article 5 (2) of the GDPR. For further information: …
11 May 2020
… of Article 56.1 of the General Data Protection Regulation (GDPR). lodged a complaint with the CNIL regarding the … in accordance with the provisions of Article 58.2.b) of the GDPR. Indeed, has to ensure and be able to demonstrate that … manner in relation to them (Articles 5.1.a) and 5.2 GDPR). In addition, pursuant to Articles 17.1 and 21.1 GDPR, …
… the position in their organisations required by Art. 37-39 GDPR and the resources needed to carry out their tasks. The … all DPOs notified in Liechtenstein pursuant to Art. 37 (7) GDPR. The results of the joint initiative will be analysed … the position in their organisations required by Art. 37-39 GDPR and the resources needed to carry out their tasks. The …
12 February 2025
… up a quick response team. EDPB Chair Anu Talus said: “The GDPR is a legal framework that promotes responsible innovation. The GDPR has been designed to maintain high data protection … International Standard for Data Protection (ISDP) with the GDPR. The Anti-doping Code and Standards should hold the …
20 January 2023
… (Article 35) Decision: Infringement of the GDPR, Administrative fine, Ban on processing, Order to … limitation principles; infringement of Articles 6 and 7 GDPR; failure to provide the information set out by Articles … to bring processing operations into compliance with the GDPR as for the transparency-related infringements - by …
4 November 2024
… failed to demonstrate compliance with Article 6 of the GDPR in accordance with the accountability principle. … decided that there is no legal basis under Article 6 of the GDPR for the broadcast of the CCTV footage of employees … of the national Data Protection Act and Article 13 of the GDPR since the company also failed to inform data subjects …
6 December 2024
… on the controller for unlawful processing (Art. 5 and 6.1 GDPR). The controller was reprimanded for the shortcomings … and was ordered to correct its unlawful practices (Art. 13 GDPR). In addition, the DPA instructed the controller to … so that only necessary personal data is processed (Art. 25 GDPR). For further information: National press release: …