Search results | European Data Protection Board

Data Protection Day 2023
27 January 2023
News
… Data Protection Day, we invite you to take a look back at GDPR enforcement over the last few years and explore how the … Data Protection Day, we invite you to take a look back at GDPR enforcement over the last few years and explore how the …
European Data Protection Board - Our Mission
14 March 2018
… their rights and obligations. We are also empowered by the GDPR to make binding decisions towards national supervisory … their rights and obligations. We are also empowered by the GDPR to make binding decisions towards national supervisory …
Polish SA: administrative fine of 928 498,06 € for failure to inform data breach victims
6 February 2025
News
… bank has failed to comply with its obligations under the GDPR after the personal data of a group of customers was … secrets does not exempt from the application of the GDPR. Decision The President of the Personal Data … 928 498,06 € on mBank for infringement of Article 34 of the GDPR. The fine amount represents 24 thousandths of one per …
The Romanian Supervisory Authority fines Raiffeisen Bank S.A. and Vreau Credit S.R.L.
31 October 2019
News
… with Article 32 paragraph (1) and paragraph (2) of the GDPR , which led to imposing an administrative fine in the … with Article 32 paragraph (1) and paragraph (2) of the GDPR , as well as of Article 33 paragraph (1) of the GDPR, which led to imposing an administrative fine in the …
EDPB adopts letter on Polish presidential elections data disclosure & discusses recent Hungarian government decrees in relation to the coronavirus during the state of emergency
8 May 2020
Press releases
… attention. The Board underlines that, according to the GDPR, personal data, such as names and addresses, and … data.” However, the EDPB stresses that enforcement of the GDPR lies with the national supervisory authorities. The … In the first instance, the assessment of alleged GDPR infringements falls within the competence of the …
December Plenary - adopted documents
12 January 2022
News
… consultation) Opinion 39/2021 on whether Article 58(2)(g) GDPR could serve as a legal basis for a supervisory … consultation) Opinion 39/2021 on whether Article 58(2)(g) GDPR could serve as a legal basis for a supervisory …
EDPB adopted documents - 26th, 28th and 30th plenary
9 June 2020
News
… to NGOs on Hungarian government decrees Statement on Art 23 GDPR … to NGOs on Hungarian government decrees Statement on Art 23 GDPR …
Polish SA: administrative fine of 81 000 € for failure to implement appropriate technical and organisational measures to ensure security
6 February 2025
News
… data. This was because, contrary to the indications of the GDPR the controller had not carried out an adequate risk … so that the processing meets the requirements of the GDPR and protects the rights of data subjects (point I(b) of … to comply with the principle of accountability under the GDPR (Article 5(2)) both before and after the incident. At …
Finnish SA: Fine for a company for carrying out direct marketing with robocalls without consent
6 July 2021
News
… required by the General Data Protection Regulation (GDPR) for carrying out direct marketing. The Office of the … their rights as data subjects in accordance with the GDPR, because the robot could not understand the question of … and the method for obtaining it were not compliant with the GDPR, because consent was not requested separately for …
Italian Garante - E-INVOICES: NO DATABASE TO BE SET UP BY ITALY’S REVENUE AGENCY. NO E-INVOICES FOR HEALTH CARE SERVICES
20 March 2019
News
… relying on the new powers set out in Article 58 of the EU GDPR. The warning was addressed to the Revenue Agency to … the 15 th of April this year, pursuant to Article 35 of the GDPR. The Garante had already emphasized that the Agency … data protection by design approach that is set forth in the GDPR; indeed, the Garante had pointed out that such a …
The French SA fines SOLOCAL €900 000
21 May 2025
News
… consent, in compliance with the requirements of the GDPR, which would have formed the basis for the prospecting … to processing of his or her personal data (Article 7 of the GDPR): The company failed to provide the French SA with … Code (CPCE) and the General Data Protection Regulation (GDPR) regarding the collection and proof of consent. It …
Data protection issues arising in connection with the use of Artificial Intelligence
20 May 2022
News
… 12(1), 13, 21(1), 21(2), 24(1), 25(1), and 25(2) of the GDPR, Order to comply with the above Articles, Imposing … the serious infringement of numerous articles of the GDPR for a long period, ordered the data controller to stop … continue the data processing if made compliant with the GDPR, and issued an administrative fine in HUF equal to …
Croatian SA imposed an administrative fine on debt collection agency B2 Kapital
16 May 2023
News
… from May 25, 2018 until today. Contrary to Article 28 the GDPR, the data controller did not conclude a contract on … personal data , which is contrary to Article 32.2 of the GDPR. Due to not undertaking appropriate measures, the … EUR due to violations of Articles 13, 28 and 32 of the GDPR. For further information: Agenciji za naplatu …
Legacy: Art. 29 Working Party
… data until 25 May 2018 (entry into application of the GDPR). Archived news on Art. 29 WP , European Commission … data until 25 May 2018 (entry into application of the GDPR). Archived news on Art. 29 WP , European Commission …
Imposition of a fine on a bank for an incident of personal data breach
30 April 2025
News
… breach to the data subject) Decision: infringement of the GDPR, administrative fines imposed Key words: access … default, in conjunction with Articles 32, 33, and 34 of the GDPR, as well as an administrative fine of EUR 20,000 for … breach to the data subject) Decision: infringement of the GDPR, administrative fines imposed Key words: access …
Thirty-first Plenary session: Establishment of a taskforce on TikTok, Response to MEPs on use of Clearview AI by law enforcement authorities, Response to ENISA Advisory Group, Response to Open Letter NYOB
10 June 2020
Press releases
… by all data controllers whose processing is subject to the GDPR, in particular when it comes to the transfer of … data by public authorities or the application of the GDPR territorial scope, in particular when it comes to the processing of minors’ data. The EDPB recalls that the GDPR applies to the processing of personal data by a …
DSGVO-information privacy standard
… Processing of Personal Data pursuant to Art. 42 GDPR (‘GDPR – information privacy standard’), Version 0.9.7 Opinion … IT-supported processing of Personal Data pursuant to art 42 GDPR (‘GDPR – information privacy standard’)” presented 2 …
London pharmacy fined after “careless” storage of patient data
20 December 2019
Press releases
… an infringement of the General Data Protection Regulations (GDPR). The ICO launched its investigation into Doorstep … considered the contravention from 25 May 2018, when the GDPR came into effect. Doorstep Dispensaree has also been … Act 2018 (DPA2018), the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000 (FOIA), …
European Data Protection Board - Second plenary meeting: ICANN, PSD2, Privacy Shield
5 July 2018
Press releases
… thorough preparation of the WP29 in the past two years. The GDPR does not offer a quick fix in case of a complaint but … (ICANN), providing guidance to enable ICANN to develop a GDPR-compliant model for access to personal data processed … personal data concerning registrants in compliance with the GDPR, without leading to an unlimited publication of those …
July 7 & 12 plenaries - adopted documents
22 July 2021
News
… Urgent Binding Decision on the request under Article 66(2) GDPR from the Hamburg Supervisory Authority for ordering the … Urgent Binding Decision on the request under Article 66(2) GDPR from the Hamburg Supervisory Authority for ordering the …