21 April 2022
… data pertaining to a special category of data under the GDPR (health data). The temperature checks were mainly based … of Mobility, which does not meet the criteria of the GDPR, i.e. to be a clear and precise legal standard whose … data pertaining to a special category of data under the GDPR (health data). The temperature checks were mainly based …
13 May 2021
… fined Basaren Drift AS NOK EUR 20,000 (NOK 200,000) for a GDPR violation. The case relates to CCTV surveillance of … premises. The General Data Protection Regulation (GDPR) requires that all processing of personal data must … fined Basaren Drift AS NOK EUR 20,000 (NOK 200,000) for a GDPR violation. The case relates to CCTV surveillance of …
14 October 2021
… obligations under data protection law (Article 12, 13 GDPR) through this procedure, as the customers were not … permissible at all. This is not explicitly regulated in the GDPR; there are no clear legal requirements in this respect. … obligations under data protection law (Article 12, 13 GDPR) through this procedure, as the customers were not …
17 July 2020
… that is essentially equivalent to the one guaranteed by the GDPR in light of the EU Charter. The assessment of whether … light of the non-exhaustive factors set out under Art 45(2) GDPR. If the result of this assessment is that the country … The EDPB recalls that it issued guidelines on Art 49 GDPR derogations (2); and that such derogations must be …
28 July 2020
… interplay of the Second Payment Services Directive and the GDPR - version for public consultation letter to MEP Ďuriš … interplay of the Second Payment Services Directive and the GDPR - version for public consultation letter to MEP Ďuriš …
12 February 2019
… taken into consideration. Since the EDPB is required by the GDPR (art. 70(4)) to make the results of this consultation … such data, and repealing Directive 95/46/EC (hereinafter “GDPR”), Having regard to the EEA Agreement and in particular … OPINION: 1 INTRODUCTION 1. Regulation 2016/6791 (“the GDPR”) came into effect on 25 May 2018. One of the main …
24 January 2019
… an important tool for the consistent application of the GDPR across the EEA. DPIA is a process to help identify and … mechanisms issued in accordance with art. 42 and art. 43 GDPR. As such, the guidelines explore the rationale for … criteria in accordance with art. 42 and art. 43 GDPR. The annex will be subject to public consultation. …
20 April 2023
… of the Bar Association for breaching the provisions of the GDPR by failing to implement appropriate technical and … should be made compliant with the provisions of the GDPR within six months from the date of delivery of the … of the Bar Association for breaching the provisions of the GDPR by failing to implement appropriate technical and …
2 September 2024
… the defendant has breached the articles 12.2, 12.3 et 15 GDPR because of the 14 month late reply and because the … sanction is based only on the infringement of article 15 GDPR, since both articles 12.2 et 12.3 were not in the … the defendant has breached the articles 12.2, 12.3 et 15 GDPR because of the 14 month late reply and because the …
12 July 2019
… taken into consideration. Since the EDPB is required by the GDPR (art. 70(4)) to make the results of this consultation … such data, and repealing Directive 95/46/EC, (hereinafter “GDPR”), Having regard to the EEA Agreement and in particular … or even the risks of misuse. The general principles in GDPR (Article 5), should always be carefully considered when …
16 April 2021
… on the EDPB website. Opinion 14/2021 is based on the GDPR and assesses both general data protection aspects and … on the EDPB website. Opinion 14/2021 is based on the GDPR and assesses both general data protection aspects and …
13 May 2021
… Controller: Municipality of Bozen/Bolzano Legal Reference: GDPR: Article 5 para. 1, letters a) and c) (lawfulness, … private life). Decision: finding of infringements of the GDPR; administrative fine Key words: employer-employee … Controller: Municipality of Bozen/Bolzano Legal Reference: GDPR: Article 5 para. 1, letters a) and c) (lawfulness, …
21 October 2020
… by Design and by Default (DPbDD) as set forth in Art. 25 GDPR. The core obligation enshrined in Art.25 is the … purpose, while applying all the other principles of the GDPR. The EDPB further highlighted that it is in continuous … by Design and by Default (DPbDD) as set forth in Art. 25 GDPR. The core obligation enshrined in Art.25 is the …
26 November 2024
… wording of data access in accordance with Art. 15 GDPR and the processes for providing access in a timely … a legal basis, thus violating Art. 5.1(a) and 6(1) of the GDPR. Even though the originally processed data records were … wording of data access in accordance with Art. 15 GDPR and the processes for providing access in a timely …
29 July 2020
… 32 of the European General Data Protection Regulation, GDPR), the Department of Fines of the Baden-Wuerttemberg … with the LfDI. Within the frame that article 83 (4) GDPR sets for fines, the comprehensive internal reviews and … restore or improve the health of the insured persons. The GDPR requires fines to not only be effective and dissuasive, …
4 June 2020
… compliance of the related personal data processing with the GDPR. The Deputy Data Protection Ombudsman ordered the … failed to conduct the impact assessments required by the GDPR before the start of processing. Data protection impact … that the processing of audio data was not in line with the GDPR’s principle of data minimisation. She ordered Taksi …
17 January 2024
… have the means to fulfil their tasks, as required by the GDPR. The report provides an analysis of the challenges … of DPOs 5 years after the entry into application of the GDPR. Despite some concerns and challenges faced by some … trainings; they have clearly defined tasks in line with the GDPR and do not receive instructions on how to exercise …
14 February 2019
… taken into consideration. Since the EDPB is required by the GDPR (art. 70(4)) to make the results of this consultation … in accordance with the legal requirements provided by the GDPR and, where applicable, by national legislation. 2 SCOPE … of processing operations of controllers under the GDPR without specifying further the area of application …
5 January 2022
… Accountability (Art. 5(2)) Decision: Infringement of the GDPR, administrative fine and reprimand Key words: personal … Ombudsman issued Vastaamo a reprimand on violating the GDPR. The sanctions board of the Office of the Data … Accountability (Art. 5(2)) Decision: Infringement of the GDPR, administrative fine and reprimand Key words: personal …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) The passwords of the affected accounts have been … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The controller has notified all data subjects and … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) No particular measures beyond the standard IT security …