20 May 2025
… Slovenian SA: schools must adhere to the principle of data protection by design and by default 20 May 2025 … Controller: High school Legal Reference(s): Article 25 (Data protection by design and by default) … an ex officio inspection after receiving an official data breach notification. A school reported an unauthorized …
8 September 2022
… of Warsaw Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), Communication of a personal data breach to the data subject (Article 34(1)) Decision: … of Warsaw Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), …
2 May 2024
… network vulnerabilities, unauthorised access, dark web, data breach, data breach notification, network intrusion, ransomware, … network vulnerabilities, unauthorised access, dark web, data breach, data breach notification, network intrusion, …
16 May 2023
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Electronic communications, Hacker attack, Personal data breach, Principles relating to processing of personal data, …
18 September 2023
… Excessive data collection and lack of cooperation: the French SA … Article 5 (Principles relating to processing of personal data), Article 9 (Processing of special categories of … of data. Key Findings The French SA has found several breaches of the GDPR: Infringement of the data minimisation …
20 July 2020
… authority 20 July 2020 The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 5 000 on … provide the President of the UODO with access to personal data and other information necessary for the performance of … for assessment whether the controller communicated a data breach to the data subject in accordance with the GDPR …
13 January 2021
… threat and remove it led the company ID Finance Poland to data loss. Therefore, the President of the Personal Data Protection Office (UODO) found that the company had not … the security features on its servers and notified data breach to the supervisory authority at the same time. In …
20 April 2023
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … security, Data subject rights, Encryption, Personal data breach, Responsibility of the controller, Technical and …
6 April 2022
… imposed administrative fines on BOI of €463,000 Key words: Data Breach Summary of the Decision Origin of the case This inquiry was commenced in respect of 22 personal data breach notifications that Bank of Ireland Group plc … imposed administrative fines on BOI of €463,000 Key words: Data Breach Summary of the Decision Origin of the case …
10 March 2025
… provider Sambla Group issued administrative fine for data security neglect 10 March 2025 Finland Background … Article 5 (Principles relating to processing of personal data), Article 25 (Data protection by design and by … Administrative fine, Communication order personal data breach, Reprimand Key words: Data security, Personal data …
27 April 2023
… EDPB Launches Data Protection Guide for small business 27 April 2023 EDPB The EDPB has launched a Data Protection Guide to help small business owners on their … from data protection basics, to data subject rights, data breaches, and more. It contains videos, infographics, …
4 November 2024
… Article 9 (Processing of special categories of personal data) Decision: Administrative fine Key words: Lawfulness … penalty of NOK 250,000 to Eidskog Municipality for breach of the requirements for a legal basis in the General Data Protection Regulation. Key findings The Norwegian …
9 January 2025
… Data scraping: French SA fined KASPR €200 000 9 January 2025 … Article 5 (Principles relating to processing of personal data), Article 12 (Transparent information, communication … the KASPR extension. Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation …
31 October 2019
… an investigation, following the notification of a personal data breach to the supervisory authority, by filling in the form on the personal data breach in compliance with Regulation (EU) 2016/679. The … an investigation, following the notification of a personal data breach to the supervisory authority, by filling in the …
7 October 2020
… The Belgian Data Protection Authority has issued a warning and reprimand … institution for wrongful processing of personal data from the National Register. 7 October 2020 Belgium The … has the competence to take action in the case of a breach against environmental legislation, for example in the …
7 May 2025
… Polish SA: lack of procedures to protect personal data processed by the press - administrative fine of 13 500 … fine, Compliance order Key words: Administrative fine, Data security, Encryption, Personal data breach, Data subject rights Summary of the Decision …
23 January 2025
… Data scraping: French Supervisory Authority fined KASPR €240 … Article 5 (Principles relating to processing of personal data), Article 12 (Transparent information, communication … KASPR extension. Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation …
13 January 2021
… 13 January 2021 Poland The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 1.9 … measures to ensure the security of the processed data. UODO stated that the company infringed the principles … some of the company’s clients. In connection with a data breach, as a result of which an unauthorised person obtained …
13 September 2024
… and order to comply following a leak of expats’ personal data file 13 September 2024 Greece Background information … GDPR: Article 14: Information to be provided where personal data have not been obtained from the data subject; GDPR: … GDPR: Article 33: Notification of a personal data breach Controllers: Hellenic Ministry of the Interior, and a …
11 September 2020
… 11 September 2020 Poland The President of the Personal Data Protection Office, after having found a personal data breach by the Warsaw University of Life Sciences … The President of the Personal Data Protection Office, after having found a personal data breach by the Warsaw University of Life Sciences (SGGW), …