10 July 2020
… The President of the Personal Data Protection Office imposes a fine in cross-border … 10 July 2020 Poland The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 15 000 … circumstances, among others, the seriousness of the breach (undermining the proper functioning of the personal …
8 June 2023
… 5 (1)(e)(Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 32 (Security of processing), Article 33 (Notification of a personal data breach to the supervisory authority) Decision: …
17 May 2023
… Health data and use of cookies: French SA fines DOCTISSIMO 17 May … 5 (1)(e)(Principles relating to processing of personal data: storage limitation), Article 9 (Processing of special … of users. Key Findings The French SA has identified four breaches of the GDPR and a breach of the French Data …
8 September 2022
… of Warsaw Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), Communication of a personal data breach to the data subject (Article 34(1)) Decision: … of Warsaw Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), …
2 May 2024
… network vulnerabilities, unauthorised access, dark web, data breach, data breach notification, network intrusion, ransomware, … network vulnerabilities, unauthorised access, dark web, data breach, data breach notification, network intrusion, …
20 May 2025
… Slovenian SA: schools must adhere to the principle of data protection by design and by default 20 May 2025 … Controller: High school Legal Reference(s): Article 25 (Data protection by design and by default) … an ex officio inspection after receiving an official data breach notification. A school reported an unauthorized …
16 May 2023
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Electronic communications, Hacker attack, Personal data breach, Principles relating to processing of personal data, …
20 July 2020
… authority 20 July 2020 The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 5 000 on … provide the President of the UODO with access to personal data and other information necessary for the performance of … for assessment whether the controller communicated a data breach to the data subject in accordance with the GDPR …
13 January 2021
… threat and remove it led the company ID Finance Poland to data loss. Therefore, the President of the Personal Data Protection Office (UODO) found that the company had not … the security features on its servers and notified data breach to the supervisory authority at the same time. In …
18 September 2023
… Excessive data collection and lack of cooperation: the French SA … Article 5 (Principles relating to processing of personal data), Article 9 (Processing of special categories of … of data. Key Findings The French SA has found several breaches of the GDPR: Infringement of the data minimisation …
20 April 2023
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … security, Data subject rights, Encryption, Personal data breach, Responsibility of the controller, Technical and …
6 April 2022
… imposed administrative fines on BOI of €463,000 Key words: Data Breach Summary of the Decision Origin of the case This inquiry was commenced in respect of 22 personal data breach notifications that Bank of Ireland Group plc … imposed administrative fines on BOI of €463,000 Key words: Data Breach Summary of the Decision Origin of the case …
27 April 2023
… EDPB Launches Data Protection Guide for small business 27 April 2023 EDPB The EDPB has launched a Data Protection Guide to help small business owners on their … from data protection basics, to data subject rights, data breaches, and more. It contains videos, infographics, …
10 March 2025
… provider Sambla Group issued administrative fine for data security neglect 10 March 2025 Finland Background … Article 5 (Principles relating to processing of personal data), Article 25 (Data protection by design and by … Administrative fine, Communication order personal data breach, Reprimand Key words: Data security, Personal data …
4 November 2024
… Article 9 (Processing of special categories of personal data) Decision: Administrative fine Key words: Lawfulness … penalty of NOK 250,000 to Eidskog Municipality for breach of the requirements for a legal basis in the General Data Protection Regulation. Key findings The Norwegian …
31 October 2019
… an investigation, following the notification of a personal data breach to the supervisory authority, by filling in the form on the personal data breach in compliance with Regulation (EU) 2016/679. The … an investigation, following the notification of a personal data breach to the supervisory authority, by filling in the …
9 January 2025
… Data scraping: French SA fined KASPR €200 000 9 January 2025 … Article 5 (Principles relating to processing of personal data), Article 12 (Transparent information, communication … the KASPR extension. Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation …
7 October 2020
… The Belgian Data Protection Authority has issued a warning and reprimand … institution for wrongful processing of personal data from the National Register. 7 October 2020 Belgium The … has the competence to take action in the case of a breach against environmental legislation, for example in the …
23 January 2025
… Data scraping: French Supervisory Authority fined KASPR €240 … Article 5 (Principles relating to processing of personal data), Article 12 (Transparent information, communication … KASPR extension. Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation …
7 May 2025
… Polish SA: lack of procedures to protect personal data processed by the press - administrative fine of 13 500 … fine, Compliance order Key words: Administrative fine, Data security, Encryption, Personal data breach, Data subject rights Summary of the Decision …