16 May 2023
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Electronic communications, Hacker attack, Personal data breach, Principles relating to processing of personal data, …
2 May 2024
… network vulnerabilities, unauthorised access, dark web, data breach, data breach notification, network intrusion, ransomware, …
23 September 2021
… Dutch SA fines Transavia for poor personal data security 23 September 2021 Netherlands Ireland France … administrative fine Key words: Security of processing, data security breach Summary of the Decision Origin of the case The …
20 July 2020
… authority 20 July 2020 The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 5 000 on … provide the President of the UODO with access to personal data and other information necessary for the performance of … for assessment whether the controller communicated a data breach to the data subject in accordance with the GDPR …
20 April 2023
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … security, Data subject rights, Encryption, Personal data breach, Responsibility of the controller, Technical and …
13 January 2021
… threat and remove it led the company ID Finance Poland to data loss. Therefore, the President of the Personal Data Protection Office (UODO) found that the company had not … the security features on its servers and notified data breach to the supervisory authority at the same time. In …
13 July 2021
… Polish SA: Personal data carrier must be secured 13 July 2021 Poland The … President of the District Court did not secure the company data carrier, but only instructed his employees to do it … to the scope of the personal data disclosed, the indicated breach caused a high risk of infringement of rights or …
6 April 2022
… imposed administrative fines on BOI of €463,000 Key words: Data Breach Summary of the Decision Origin of the case This inquiry was commenced in respect of 22 personal data breach notifications that Bank of Ireland Group plc …
10 July 2020
… The President of the Personal Data Protection Office imposes a fine in cross-border … 10 July 2020 Poland The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 15 000 … circumstances, among others, the seriousness of the breach (undermining the proper functioning of the personal …
17 May 2023
… Health data and use of cookies: French SA fines DOCTISSIMO 17 May … 5 (1)(e)(Principles relating to processing of personal data: storage limitation), Article 9 (Processing of special … of users. Key Findings The French SA has identified four breaches of the GDPR and a breach of the French Data …
18 September 2023
… Excessive data collection and lack of cooperation: the French SA … Article 5 (Principles relating to processing of personal data), Article 9 (Processing of special categories of … of data. Key Findings The French SA has found several breaches of the GDPR: Infringement of the data minimisation …
4 November 2024
… Article 9 (Processing of special categories of personal data) Decision: Administrative fine Key words: Lawfulness … penalty of NOK 250,000 to Eidskog Municipality for breach of the requirements for a legal basis in the General Data Protection Regulation. Key findings The Norwegian …
27 April 2023
… EDPB Launches Data Protection Guide for small business 27 April 2023 EDPB The EDPB has launched a Data Protection Guide to help small business owners on their … from data protection basics, to data subject rights, data breaches, and more. It contains videos, infographics, …
31 October 2019
… an investigation, following the notification of a personal data breach to the supervisory authority, by filling in the form on the personal data breach in compliance with Regulation (EU) 2016/679. The …
10 March 2025
… provider Sambla Group issued administrative fine for data security neglect 10 March 2025 Finland Background … Article 5 (Principles relating to processing of personal data), Article 25 (Data protection by design and by … Administrative fine, Communication order personal data breach, Reprimand Key words: Data security, Personal data …
13 January 2021
… 13 January 2021 Poland The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 1.9 … measures to ensure the security of the processed data. UODO stated that the company infringed the principles … some of the company’s clients. In connection with a data breach, as a result of which an unauthorised person obtained …
9 January 2025
… Data scraping: French SA fined KASPR €200 000 9 January 2025 … Article 5 (Principles relating to processing of personal data), Article 12 (Transparent information, communication … the KASPR extension. Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation …
7 May 2025
… Polish SA: lack of procedures to protect personal data processed by the press - administrative fine of 13 500 … fine, Compliance order Key words: Administrative fine, Data security, Encryption, Personal data breach, Data subject rights Summary of the Decision …
5 November 2024
… of the controller, Publicly available data, Data security, Employment Summary of the Decision Origin … employees without a need to know had access to. The data breach has been ongoing since the university started using …
23 January 2025
… Data scraping: French Supervisory Authority fined KASPR €240 … Article 5 (Principles relating to processing of personal data), Article 12 (Transparent information, communication … KASPR extension. Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation …