Search results | European Data Protection Board

Irish SA adopts decision concerning Airbnb Ireland
21 June 2023
News
… as follows: Article 5(1)(c) and Article 5(1)(e) of the GDPR The DPC found that Airbnb’s retention of a copy of the … of this complaint in accordance with Article 60(7) of the GDPR. In light of the infringements of Article 5(1)(c) and … a reprimand to Airbnb pursuant to Article 58(2)(b) of the GDPR. In addition, the DPC made the following orders against …
Polish SA: administrative fine of 19 800 € for failure to notify a personal data breach to the supervisory authority
6 February 2025
News
… a broad extent, should have a legal basis. In turn, the GDPR clearly provides (in Article 6(1)) that the processing … are under special protection, according to Article 9 of the GDPR. It should be emphasised that the National Public … how it should - in accordance with the provisions of the GDPR - notify the person whose data has been affected by the …
Fifteenth Plenary Session: adopted documents
22 November 2019
News
… Privacy Shield Guidelines on the Territorial Scope of the GDPR (version following public consultation) Guidelines on … Privacy Shield Guidelines on the Territorial Scope of the GDPR (version following public consultation) Guidelines on …
EDPB & EDPS adopt joint opinions on new sets of SCCs
15 January 2021
Press releases
… facilitate compliance with the provisions under both the GDPR and the EUDPR. Among others, the EDPB and the EDPS … and processors with their obligations, both under the GDPR and under the legal framework of EU institutions and … data to third countries pursuant to Art. 46 (2) (c) GDPR will replace the existing SCCs for international …
Swift adoption of Regulation to streamline cross-border enforcement needed
21 September 2023
News
… on additional procedural rules for the enforcement of the GDPR . This proposal aims to ensure the timely completion of … a concrete legislative proposal, which will complement the GDPR. With this Joint Opinion, we aim to ensure that the new … are respected, keeping in mind constraints inherent in the GDPR enforcement model. Moreover, we call on the …
Sanction on a public centre for social welfare (PCSW) for unlawfully collecting a disproportionate amount of personal data
7 September 2022
News
… Minimisation (Article 5.1.c) Decision: Infringement of the GDPR; Reprimand; Order to bring the processing operations into compliance with the GDPR Key words: Lawfulness; Purpose limitation; Data … to bring the processing operation into compliance with the GDPR by no longer requiring the conduct of a social and …
AEPD impose a fine to a telephone company for a loss of confidentiality and a lack of adequate technical and organisational measures
3 November 2021
News
… of processing (Article 32) Decision: Infringement of the GDPR, Order to comply Key words: Loss of … a violation of Article 5.1.f) and Article 32 of the GDPR, for which the telephone company is responsible. The … of processing (Article 32) Decision: Infringement of the GDPR, Order to comply Key words: Loss of …
Hamburg Data Protection Commissioner's €51,000 fine against Facebook Germany GmbH
1 December 2019
News
… been made. This is, however, mandatory under Art. 37 (7) GDPR. Violations of this requirement are subject to a fine in accordance with Art. 83 Para. 4 lit. a) GDPR. The fine may sound low at first sight. However, … been made. This is, however, mandatory under Art. 37 (7) GDPR. Violations of this requirement are subject to a fine …
The Spanish Data Protection Authority fined the company Iberdrola for not responding to the request for information with 4,000 euros
9 June 2020
News
… supervisory authority has, infringing Article 58.1 of the GDPR. This infringement is typified in Article 83.5(e) of the GDPR and is classified for prescription purposes as very … supervisory authority has, infringing Article 58.1 of the GDPR. This infringement is typified in Article 83.5(e) of …
EDPB establishes cookie banner taskforce
27 September 2021
News
… was established in accordance with Art. 70 (1) (u) GDPR and aims to promote cooperation, information sharing … was established in accordance with Art. 70 (1) (u) GDPR and aims to promote cooperation, information sharing …
The Secretariat of the European Data Protection Board
25 May 2018
Press releases
… all the tasks it is required to carry out under the GDPR. The EDPB Secretariat is composed of legal experts, … all the tasks it is required to carry out under the GDPR. The EDPB Secretariat is composed of legal experts, …
Icelandic DPA issues fine to the Ministry of Industries and Innovation and YAY ehf. for data processing through a digital gift card app
26 November 2021
News
… of processing (Article 32). Decision: Infringement of the GDPR, Fine Key words: Principles, Lawfulness of processing, … on its own initiative whether the project complied with the GDPR. Key findings In its decision, the Icelandic DPA notes … the processing as well as the multiple infringements of the GDPR. The Ministry of Industries and Innovation was fined …
Administrative fines imposed on a telephone service provider
7 October 2019
News
… of accuracy) of the General Data Protection Regulation (GDPR). It therefore imposed an administrative fine of EUR … for direct marketing purposes (Article 21 (3) of the GDPR) as well as Article 25 (data protection by design) of the GDPR and imposed an administrative fine of EUR 200.000 on …
European Data Protection Board - Our Mission
14 March 2018
… their rights and obligations. We are also empowered by the GDPR to make binding decisions towards national supervisory … their rights and obligations. We are also empowered by the GDPR to make binding decisions towards national supervisory …
Data Protection Day 2023
27 January 2023
News
… Data Protection Day, we invite you to take a look back at GDPR enforcement over the last few years and explore how the … Data Protection Day, we invite you to take a look back at GDPR enforcement over the last few years and explore how the …
Polish SA: administrative fine of 928 498,06 € for failure to inform data breach victims
6 February 2025
News
… bank has failed to comply with its obligations under the GDPR after the personal data of a group of customers was … secrets does not exempt from the application of the GDPR. Decision The President of the Personal Data … 928 498,06 € on mBank for infringement of Article 34 of the GDPR. The fine amount represents 24 thousandths of one per …
December Plenary - adopted documents
12 January 2022
News
… consultation) Opinion 39/2021 on whether Article 58(2)(g) GDPR could serve as a legal basis for a supervisory … consultation) Opinion 39/2021 on whether Article 58(2)(g) GDPR could serve as a legal basis for a supervisory …
EDPB adopted documents - 26th, 28th and 30th plenary
9 June 2020
News
… to NGOs on Hungarian government decrees Statement on Art 23 GDPR … During its 26th, 28th and 30th plenary session, the … to NGOs on Hungarian government decrees Statement on Art 23 GDPR … EDPB adopted documents - 26th, 28th and 30th plenary …
The Romanian Supervisory Authority fines Raiffeisen Bank S.A. and Vreau Credit S.R.L.
31 October 2019
News
… with Article 32 paragraph (1) and paragraph (2) of the GDPR , which led to imposing an administrative fine in the … with Article 32 paragraph (1) and paragraph (2) of the GDPR , as well as of Article 33 paragraph (1) of the GDPR, which led to imposing an administrative fine in the …
EDPB adopts letter on Polish presidential elections data disclosure & discusses recent Hungarian government decrees in relation to the coronavirus during the state of emergency
8 May 2020
Press releases
… attention. The Board underlines that, according to the GDPR, personal data, such as names and addresses, and … data.” However, the EDPB stresses that enforcement of the GDPR lies with the national supervisory authorities. The … In the first instance, the assessment of alleged GDPR infringements falls within the competence of the …