30 January 2020
… public consultation. The guidelines aim to clarify how the GDPR applies to the processing of personal data when using … devices and to ensure the consistent application of the GDPR in this regard. The guidelines cover both traditional … posed by the use of algorithms, an overview of the relevant GDPR provisions and existing guidelines addressing these …
… particular the record-keeping obligation under Art. 30(5) GDPR Statement 2/2025 on the implementation of the PNR … down additional procedural rules for the enforcement of the GDPR Statement 3/2024 on data protection authorities’ role … for clarifications on the consistent application of the GDPR, focusing on health research Letter to the Council of …
22 June 2021
… for violation of the General Data Protection Regulation (GDPR). This case concerns insufficient risk assessment and … that the bank did not meet the requirements of the GDPR for risk assessment and appropriate technical measures … risk assessment and testing as required by the law. The GDPR requires that the data controller carry out risk …
21 June 2023
… as follows: Article 5(1)(c) and Article 5(1)(e) of the GDPR The DPC found that Airbnb’s retention of a copy of the … of this complaint in accordance with Article 60(7) of the GDPR. In light of the infringements of Article 5(1)(c) and … a reprimand to Airbnb pursuant to Article 58(2)(b) of the GDPR. In addition, the DPC made the following orders against …
4 December 2025
… processing of personal data, and therefore aligns with the GDPR's principle of data protection by design and by … and remain committed to finding solutions to make GDPR compliance easier, especially for small organisations. … CJEU case law, and beyond a targeted modification of the GDPR, which may risk to adversely affect the fundamental …
10 March 2021
… by respecting existing data protection legislation. The GDPR is the foundation on which the European data governance … is why we underline the need to ensure consistency with the GDPR with regard to the competence of the supervisory … rules on the protection of personal data laid down in the GDPR and with the Open Data Directive. Furthermore, it …
6 February 2025
… a broad extent, should have a legal basis. In turn, the GDPR clearly provides (in Article 6(1)) that the processing … are under special protection, according to Article 9 of the GDPR. It should be emphasised that the National Public … how it should - in accordance with the provisions of the GDPR - notify the person whose data has been affected by the …
21 September 2023
… on additional procedural rules for the enforcement of the GDPR . This proposal aims to ensure the timely completion of … a concrete legislative proposal, which will complement the GDPR. With this Joint Opinion, we aim to ensure that the new … are respected, keeping in mind constraints inherent in the GDPR enforcement model. Moreover, we call on the …
15 January 2021
… facilitate compliance with the provisions under both the GDPR and the EUDPR. Among others, the EDPB and the EDPS … and processors with their obligations, both under the GDPR and under the legal framework of EU institutions and … data to third countries pursuant to Art. 46 (2) (c) GDPR will replace the existing SCCs for international …
17 October 2023
… In its decision, IMY states that H&M has violated the GDPR by not ceasing to handle the complainants' personal … 28 500 EUR) against the company for violations of the GDPR. For further information: H&M har gjort det onödigt … In its decision, IMY states that H&M has violated the GDPR by not ceasing to handle the complainants' personal …
7 September 2022
… Minimisation (Article 5.1.c) Decision: Infringement of the GDPR; Reprimand; Order to bring the processing operations into compliance with the GDPR Key words: Lawfulness; Purpose limitation; Data … to bring the processing operation into compliance with the GDPR by no longer requiring the conduct of a social and …
26 November 2021
… of processing (Article 32). Decision: Infringement of the GDPR, Fine Key words: Principles, Lawfulness of processing, … on its own initiative whether the project complied with the GDPR. Key findings In its decision, the Icelandic DPA notes … the processing as well as the multiple infringements of the GDPR. The Ministry of Industries and Innovation was fined …
7 October 2019
… of accuracy) of the General Data Protection Regulation (GDPR). It therefore imposed an administrative fine of EUR … for direct marketing purposes (Article 21 (3) of the GDPR) as well as Article 25 (data protection by design) of the GDPR and imposed an administrative fine of EUR 200.000 on …
3 November 2021
… of processing (Article 32) Decision: Infringement of the GDPR, Order to comply Key words: Loss of … a violation of Article 5.1.f) and Article 32 of the GDPR, for which the telephone company is responsible. The … of processing (Article 32) Decision: Infringement of the GDPR, Order to comply Key words: Loss of …
1 December 2019
… been made. This is, however, mandatory under Art. 37 (7) GDPR. Violations of this requirement are subject to a fine in accordance with Art. 83 Para. 4 lit. a) GDPR. The fine may sound low at first sight. However, … been made. This is, however, mandatory under Art. 37 (7) GDPR. Violations of this requirement are subject to a fine …
9 June 2020
… supervisory authority has, infringing Article 58.1 of the GDPR. This infringement is typified in Article 83.5(e) of the GDPR and is classified for prescription purposes as very … supervisory authority has, infringing Article 58.1 of the GDPR. This infringement is typified in Article 83.5(e) of …
6 February 2025
… bank has failed to comply with its obligations under the GDPR after the personal data of a group of customers was … secrets does not exempt from the application of the GDPR. Decision The President of the Personal Data … 928 498,06 € on mBank for infringement of Article 34 of the GDPR. The fine amount represents 24 thousandths of one per …
22 November 2019
… Privacy Shield Guidelines on the Territorial Scope of the GDPR (version following public consultation) Guidelines on … Privacy Shield Guidelines on the Territorial Scope of the GDPR (version following public consultation) Guidelines on …
31 October 2019
… with Article 32 paragraph (1) and paragraph (2) of the GDPR , which led to imposing an administrative fine in the … with Article 32 paragraph (1) and paragraph (2) of the GDPR , as well as of Article 33 paragraph (1) of the GDPR, which led to imposing an administrative fine in the …
8 May 2020
… attention. The Board underlines that, according to the GDPR, personal data, such as names and addresses, and … data.” However, the EDPB stresses that enforcement of the GDPR lies with the national supervisory authorities. The … In the first instance, the assessment of alleged GDPR infringements falls within the competence of the …