13 May 2021
… Controller: Municipality of Bozen/Bolzano Legal Reference: GDPR: Article 5 para. 1, letters a) and c) (lawfulness, … private life). Decision: finding of infringements of the GDPR; administrative fine Key words: employer-employee … Controller: Municipality of Bozen/Bolzano Legal Reference: GDPR: Article 5 para. 1, letters a) and c) (lawfulness, …
21 October 2020
… by Design and by Default (DPbDD) as set forth in Art. 25 GDPR. The core obligation enshrined in Art.25 is the … purpose, while applying all the other principles of the GDPR. The EDPB further highlighted that it is in continuous … by Design and by Default (DPbDD) as set forth in Art. 25 GDPR. The core obligation enshrined in Art.25 is the …
26 November 2024
… wording of data access in accordance with Art. 15 GDPR and the processes for providing access in a timely … a legal basis, thus violating Art. 5.1(a) and 6(1) of the GDPR. Even though the originally processed data records were … wording of data access in accordance with Art. 15 GDPR and the processes for providing access in a timely …
30 September 2020
… purpose of applying the General Data Protection Regulation (GDPR). This meant that the DPC’s role in relation to your … in relation to your complaint pursuant to Article 60 of GDPR. The BfDI dismissed your complaint based on its … Your right to an effective judicial remedy Article 78 GDPR entitles you to an effective judicial remedy against a …
4 June 2020
… compliance of the related personal data processing with the GDPR. The Deputy Data Protection Ombudsman ordered the … failed to conduct the impact assessments required by the GDPR before the start of processing. Data protection impact … that the processing of audio data was not in line with the GDPR’s principle of data minimisation. She ordered Taksi …
29 July 2020
… 32 of the European General Data Protection Regulation, GDPR), the Department of Fines of the Baden-Wuerttemberg … with the LfDI. Within the frame that article 83 (4) GDPR sets for fines, the comprehensive internal reviews and … restore or improve the health of the insured persons. The GDPR requires fines to not only be effective and dissuasive, …
17 January 2024
… have the means to fulfil their tasks, as required by the GDPR. The report provides an analysis of the challenges … of DPOs 5 years after the entry into application of the GDPR. Despite some concerns and challenges faced by some … trainings; they have clearly defined tasks in line with the GDPR and do not receive instructions on how to exercise …
5 January 2022
… Accountability (Art. 5(2)) Decision: Infringement of the GDPR, administrative fine and reprimand Key words: personal … Ombudsman issued Vastaamo a reprimand on violating the GDPR. The sanctions board of the Office of the Data … Accountability (Art. 5(2)) Decision: Infringement of the GDPR, administrative fine and reprimand Key words: personal …
16 March 2021
… remote stakeholder event on the topic " application of the GDPR to the processing of personal data for scientific … remote stakeholder event on the topic " application of the GDPR to the processing of personal data for scientific …
19 April 2023
… to comply with the requirements of Chapter V of the GDPR, and if necessary, to stop the transfer at stake. The … to comply with the requirements of Chapter V of the GDPR, and if necessary, to stop the transfer at stake. The …
5 May 2022
… of processing (Art. 32) Decision: Infringement of the GDPR and fine imposed Key words: special categories of … categories of personal data, see Article 9 (1) of the GDPR. The municipality neglected to mark the 10 attachments … of processing (Art. 32) Decision: Infringement of the GDPR and fine imposed Key words: special categories of …
3 October 2023
… of personal data pursuant to Article 6(1)(c) of the GDPR. However, the national legal regulation may form the basis for the processing under Article 6(1)(e) GDPR. IMY concluded that fires are serious and can pose a … of personal data pursuant to Article 6(1)(c) of the GDPR. However, the national legal regulation may form the …
2 May 2025
… Article 6(1), 9(1) in relation with Article 13(1,2) of the GDPR and a fine of 105 000 € for infringement of Articles 24(1), 25(1,) and 32(1,2) of the GDPR. Total amount of imposed fine on Centrum Medyczne … Article 6(1), 9(1) in relation with Article 13(1,2) of the GDPR and a fine of 105 000 € for infringement of Articles …
6 February 2025
… data in compliance with the principles expressed in the GDPR. Losing a laptop is losing a laptop represents an … ZHP for infringement of Articles 5, 24, 25 and 32 of the GDPR. Chorągiew was ordered to implement appropriate data … data in compliance with the principles expressed in the GDPR. Losing a laptop is losing a laptop represents an …
25 September 2025
… Article 24 (1), 25 (1), 28 (1) 32 (1,2), and 33 (1) of the GDPR, as well as on Mayor of Aleksandów an administrative … 32 (1,2) in connection with Article 28 (3)(c,f) of the GDPR. For further information: • National press release: … Article 24 (1), 25 (1), 28 (1) 32 (1,2), and 33 (1) of the GDPR, as well as on Mayor of Aleksandów an administrative …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) The passwords of the affected accounts have been … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The controller has notified all data subjects and … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) No particular measures beyond the standard IT security …
8 May 2021
… submit the matter to the courts sometime in the future. The GDPR states that the storage period of personal data or the … that the company’s operations have regularly violated the GDPR. The Data Protection Ombudsman issued a reprimand to … controller for processing personal data in violation of the GDPR and ordered the controller to bring its practices into …
… and processors List of documents assessed by the EDPB GDPR Certification Standard and Criteria, BC 5701:2024, … as European Data Protection Seal pursuant to Article 42.5 (GDPR) 2 December 2024 Publication Type: Opinion of the Board …
12 February 2019
… the Austrian Post has violated several provisions of the GDPR. Specifically, the Austrian DPA is of the opinion that … data the Austrian DPA found this to be contradictory to the GDPR. Furthermore, the Austrian DPA found that the DPIA for … the Austrian Post has violated several provisions of the GDPR. Specifically, the Austrian DPA is of the opinion that …
30 August 2022
… TIMSHEL Legal references: Article 58 (2) (i) and (1) (a) GDPR, Article 83 (1) (2) and (5) (e) GDPR (General conditions for imposing administrative fines) … TIMSHEL Legal references: Article 58 (2) (i) and (1) (a) GDPR, Article 83 (1) (2) and (5) (e) GDPR (General …