Search results | European Data Protection Board

Code de conduite RGPD - Secteur du Travail Intérimaire Grand-Duché de Luxembourg
13 August 2025
Other
… Luxembourg Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body ESCEM ASBL Code de …
Polish DPA imposes a fine on Warsaw University of Technology for not complying with its obligation
14 January 2022
News
… (Art. 32(1), Art. 32(2)) Decision: infringement of GDPR, fine issued Key words: principles, processing, … (Art. 32(1), Art. 32(2)) Decision: infringement of GDPR, fine issued Key words: principles, processing, …
Danish DPA set to fine furniture company
11 June 2019
News
… data in the old system had never been deleted. The GDPR establishes that personal data must be stored in such a … data in the old system had never been deleted. The GDPR establishes that personal data must be stored in such a …
Polish DPA imposes a fine on Pactum Poland Sp. z o.o. for lack of cooperation
24 February 2022
News
… 31), Powers (Art. 58 (1)(e)) Decision: infringement of GDPR, fine issued Key words: investigative powers, lack of … 31), Powers (Art. 58 (1)(e)) Decision: infringement of GDPR, fine issued Key words: investigative powers, lack of …
Twenty-first plenary session of the European Data Protection Board - Letter concerning the European Commission's draft Guidance on apps supporting the fight against the COVID-19 pandemic
14 April 2020
Press releases
… of advising and ensuring the correct application of the GDPR and the E-Privacy Directive, to be fully involved in … of advising and ensuring the correct application of the GDPR and the E-Privacy Directive, to be fully involved in …
The Romanian National Supervisory Authority issues a fine against FAN COURIER EXPRESS SR
28 October 2019
News
… the provisions of Article 5 paragraph (1) letter f) of the GDPR. Legal and Communication Department To read the press … the provisions of Article 5 paragraph (1) letter f) of the GDPR. Legal and Communication Department To read the press …
Swedish SA: Administrative fine against the Equality Ombudsman when personal data was collected via a web form
15 July 2025
News
… The DO has violated the general data protection regulation (GDPR) by not having taken sufficiently effective security … The DO has violated the general data protection regulation (GDPR) by not having taken sufficiently effective security …
Finnish SA: Administrative fine on business directory operator for infringements of the right to obtain call recordings
6 July 2023
News
… method of delivering call recordings in accordance with the GDPR. Neither did the company inform the Finnish SA of … method of delivering call recordings in accordance with the GDPR. Neither did the company inform the Finnish SA of …
Launch of coordinated enforcement on role of data protection officers
15 March 2023
News
… the position in their organisations required by Art. 37-39 GDPR and the resources needed to carry out their tasks, … on the role of data protection officers (EN) Italian SA: GDPR: focus dei Garanti europei sul ruolo dei responsabili … the position in their organisations required by Art. 37-39 GDPR and the resources needed to carry out their tasks, …
CoC 01 Verhaltensregeln für die Prüf- und Löschfristen von personenbezogenen Daten durch die deutschen Wirtschaftsauskunfteien
11 August 2020
Other
… Germany Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body TIGGES DCO GmbH …
Decision concerning a complaint directed against WhatsApp Ireland Limited in respect of the WhatsApp service made pursuant to Section 113 of the Data Protection Act 2018 (Inquiry 18-5-6)
24 January 2023
Decision by the SA
… by the Irish SA regarding WhatsApp Ireland Limited (Art. 65 GDPR) … Decision concerning a complaint directed against …
Decision concerning a complaint directed against Meta Platforms Ireland Limited in respect of the Instagram service made pursuant to Section 113 of the Data Protection Act 2018 (Inquiry 18-5-7)
12 January 2023
Decision by the SA
… Ireland Limited and its Instagram service (Art. 65 GDPR) … Decision concerning a complaint directed against …
Ivoclar Vivadent Group
23 July 2024
… 331.8KB German English Download Pre-GDPR No … Ivoclar Vivadent Group …
Viega Group
2 December 2024
… National Decision (EN) 194.1KB German English Download Pre-GDPR No … Viega Group …
The Norwegian SA imposes fine against Elektro & Automasjon Systemer AS
13 December 2021
News
… Legal basis (Article 6) Decision: Infringement of the GDPR declared and fine imposed, order to establish … Legal basis (Article 6) Decision: Infringement of the GDPR declared and fine imposed, order to establish …
The Norwegian SA issues fine to the Municipality of Østre Toten for flawed information security
7 July 2022
News
… the controller (Article 24) Decision: Infringement of the GDPR, Order to comply Key words: Cyber attack, Ransomware, … the controller (Article 24) Decision: Infringement of the GDPR, Order to comply Key words: Cyber attack, Ransomware, …
The Icelandic SA: HEI medical travel agency fined for an unlawful use of an e-mail address and not handling an access request
24 May 2022
News
… right of access (Article 15) Decision: infringement of the GDPR, fine 1.5 million ISK (approx. 10.700 Euros). Key … right of access (Article 15) Decision: infringement of the GDPR, fine 1.5 million ISK (approx. 10.700 Euros). Key …
Polish SA imposed fine for failing to implement appropriate technical and organisational measures
31 May 2023
News
… characteristics of a data breach within the meaning of the GDPR. The Polish SA, taking into account the scope of … characteristics of a data breach within the meaning of the GDPR. The Polish SA, taking into account the scope of …
Icelandic SA: administrative fine imposed on the Primary Health Care of the Capital area for the unlawful processing in relation to the integration of medical record systems.
7 March 2025
News
… lawfulness of the processing (Articles 5.1 (a), 6.1 and 9.1 GDPR). Decision The Icelandic SA imposed a fine of 33 854 … lawfulness of the processing (Articles 5.1 (a), 6.1 and 9.1 GDPR). Decision The Icelandic SA imposed a fine of 33 854 …
Slovenian SA: schools must adhere to the principle of data protection by design and by default
20 May 2025
Press releases
… by design and by default, as mandated by Article 25 of the GDPR. The inspection procedure revealed a lack of proper … by design and by default, as mandated by Article 25 of the GDPR. The inspection procedure revealed a lack of proper …