21 June 2023
… BCR applications since the entering into application of the GDPR. The recommendations provide additional guidance and … essentially equivalent to the one provided by the GDPR. A second set of recommendations for BCR-processors … BCR applications since the entering into application of the GDPR. The recommendations provide additional guidance and …
18 August 2020
… that VODAFONE ESPAÑA violated Article 6(1) of the GDPR, by processing the claimant's personal data without any … that VODAFONE ESPAÑA violated Article 6(1) of the GDPR, by processing the claimant's personal data without any …
25 November 2020
… constitutes personal data within the meaning of the GDPR, and the fact that persons are in quarantine … controller is subject to the obligations resulting from the GDPR. UODO also took into account that the confidentiality … to ensure the security of processing. Article 33(1) of the GDPR sets forth that in the case of a personal data breach, …
25 November 2020
… Móviles España, S.A.U., violated Article 6(1) of the GDPR, by processing the claimant's personal data without any … Móviles España, S.A.U., violated Article 6(1) of the GDPR, by processing the claimant's personal data without any …
… Authorisation of Contractual Clauses under Article 46(3)(a) GDPR and for the Adoption of Standard Contractual Clauses under Article 46(2)(d) GDPR 22 January 2026 Publication Type: Procedure Topics: …
20 January 2023
… of processing (Article 6) Decision: Infringement of the GDPR, Administrative fine and Order to comply Key words: … of processing (Article 6) Decision: Infringement of the GDPR, Administrative fine and Order to comply Key words: …
11 January 2021
… not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative … DPA reminds that pursuant to Article 33 (1) and (3) of the GDPR, in the case of a personal data breach, the controller … not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative …
11 January 2021
… not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative … DPA reminds that pursuant to Article 33 (1) and (3) of the GDPR, in the case of a personal data breach, the controller … not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative …
10 July 2020
… it and does not fulfil the obligation – provided for in the GDPR – to provide it with access to personal data and other … of the personal data protection system specified by the GDPR), the intentional nature of the breach and the … it and does not fulfil the obligation – provided for in the GDPR – to provide it with access to personal data and other …
… and the EDPB on the interplay between the DMA and the GDPR EDPB Public Consultations EDPB-EDPS Support Pool of … and the EDPB on the interplay between the DMA and the GDPR EDPB Public Consultations EDPB-EDPS Support Pool of …
21 October 2022
… as European Data Protection Seal pursuant to Article 42.5 (GDPR) 10 October 2022 Publication Type: Opinion of the Board … 9/2022 on personal data breach notification under GDPR 10 October 2022 Publication Type: Guidelines Topics: …
15 October 2024
… stakeholders in the context of a request for an Art. 64(2) GDPR opinion relating to artificial intelligence models (‘AI … stakeholders in the context of a request for an Art. 64(2) GDPR opinion relating to artificial intelligence models (‘AI …
23 April 2024
… services. We also worked hard to raise awareness of the GDPR at the European and international level, so that … services. We also worked hard to raise awareness of the GDPR at the European and international level, so that …
… and the EDPB on the interplay between the DMA and the GDPR EDPB-EDPS Support Pool of Experts – Cycle 2 EDPB Public … and the EDPB on the interplay between the DMA and the GDPR EDPB-EDPS Support Pool of Experts – Cycle 2 EDPB Public …
5 May 2022
… Germany Type Code for Controllers/Processors subject to GDPR Scope National Opinion/Guideline References Guidelines … an accredited body to monitor the CoC (see Article 41 (6) GDPR and para 88 of the Guidelines 1/2019 on Codes of …
25 September 2025
… infringement of Articles 24(1), 25(1) and 32(1,2) of the GDPR. In addition, the President of the Personal Data … the processing operations into line with the provisions of GDPR by: implementing appropriate technical and … infringement of Articles 24(1), 25(1) and 32(1,2) of the GDPR. In addition, the President of the Personal Data …
21 February 2022
… established by the General Data Protection Regulation or GDPR, which contributes to the consistent application of … established by the General Data Protection Regulation or GDPR, which contributes to the consistent application of …
17 March 2022
… (Art. 32(1) and Art. 32(2)). Decision: infringement of the GDPR, administrative fine. Key words: responsibility of the … The Polish DPA found that the controller infringed the GDPR provisions i.e. Art. 5(1)(f), Art. 24(1), Art. 25(1), … (Art. 32(1) and Art. 32(2)). Decision: infringement of the GDPR, administrative fine. Key words: responsibility of the …
16 May 2022
… safeguards (Article 46). Decision: infringement of the GDPR, order to suspend processing and erasure of personal … of Reykjavík had breached various provisions of the GDPR using Seesaw. Following that decision, the Icelandic SA … safeguards (Article 46). Decision: infringement of the GDPR, order to suspend processing and erasure of personal …
4 November 2024
… million and several orders to the NAV for violation of the GDPR. For further information: Decision on infringement … million and several orders to the NAV for violation of the GDPR. For further information: Decision on infringement …