Search results | European Data Protection Board

Polish SA imposed a fine on TIMSHEL for lack of cooperation with the supervisory authority
30 August 2022
News
… fine, Cooperation with the supervisory authority, Personal data breach Summary of the Decision Origin of the case TIMSHEL notified a personal data breach to the supervisory authority by e-mail. However, … fine, Cooperation with the supervisory authority, Personal data breach Summary of the Decision Origin of the case …
Norwegian SA issues administrative fine to the University of Agder
5 November 2024
News
… of the controller, Publicly available data, Data security, Employment Summary of the Decision Origin … employees without a need to know had access to. The data breach has been ongoing since the university started using … of the controller, Publicly available data, Data security, Employment Summary of the Decision …
Fines proposed for two municipalities
10 March 2020
News
… for two municipalities 10 March 2020 Denmark The Danish Data Protection Agency has reported the municipality of … of an adequate level of security under the General Data Protection Regulation (GDPR). For the municipalities of … both municipalities notified the agency of personal data breaches relating to the theft of computers containing …
Polish SA imposed a fine on the Szczecin-Centrum District Court in Szczecin
19 January 2023
News
… (Responsibility of the controller), Article 25 (1) (2) (Data protection by design and by default), Article 32 (1) … and (2) GDPR (Principles relating to processing of personal data), Article 57 (1) (a) and (h) GDPR, Article 58 (2) (i) GDPR , Article 33 (Notification of a personal data breach to the supervisory authority) Decision: …
Polish SA: administrative fine of 81 000 € for failure to implement appropriate technical and organisational measures to ensure security
6 February 2025
News
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Article 5 (Principles relating to processing of personal data), Article 28 (Processor), Article 34 (Communication of a personal data breach to the data subject), Article 33 (Notification of a …
Spanish Data Protection Authority (AEPD) imposes fine of 70.000 EUR on XFERA MOVILES
18 August 2020
News
… Spanish Data Protection Authority (AEPD) imposes fine of 70.000 EUR on XFERA MOVILES 18 August 2020 Spain The Spanish Data Protection Authority (AEPD) imposed a fine of 70.000 … phone number). The AEPD considered that this constitutes a breach of the principle of confidentiality, established in …
Norwegian Data Protection Authority: Decision to Fine Bergen Municipality
14 October 2020
News
… Norwegian Data Protection Authority: Decision to Fine Bergen Municipality 14 October 2020 Norway The Norwegian Data Protection Authority has given Bergen municipality a … Data Protection Authority was notified of a personal data breach by Bergen Municipality regarding the municipality's …
Polish SA: administrative fine of EUR 4 022 773 for McDonald’s Polska sp. z o.o. and EUR 43 680 for 24/7 Communication Sp. z o.o. for negligence in risk analysis and safeguards
25 September 2025
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 28 … processing), Article 34 (Communication of a personal data breach to the data subject), Article 38 (Position of the …
Polish DPA imposes €645,000 fine for insufficient organisational and technical safeguards
20 September 2019
News
… 20 September 2019 Poland The President of the Personal Data Protection Office imposed a fine of an amount higher … and technical measures for the protection of personal data were not appropriate to the risk posed by the … the fine, the supervisory authority concluded that the breach which took place in this case was of considerable …
The CNIL, French Supervisory Authority fines FREE EUR 300,000
16 December 2022
News
… 12 and 21 of the GDPR), obligation to secure personal data (Article 32 of the GDPR), obligation to document a personal data breach (Article 33 of the GDPR) Decision: infringement of … 12 and 21 of the GDPR), obligation to secure personal data (Article 32 of the GDPR), obligation to document a …
Processing the personal data by a processor must be documented
20 December 2022
News
… Processing the personal data by a processor must be documented 20 December 2022 … of the case The Polish SA has been notified of a personal data breach at the Sułkowice Cultural Centre. In the course of … of the case The Polish SA has been notified of a personal data breach at the Sułkowice Cultural Centre. In the course …
Fine against hospital due to data protection deficits in patient management
3 December 2019
News
… Fine against hospital due to data protection deficits in patient management 3 December 2019 Germany The Commissioner for Data Protection and the Freedom of Information … in Rhineland-Palatinate. The fine is based on several breaches of the General Data Protection Regulation in the …
Polish SA imposed fine for failing to implement appropriate technical and organisational measures
31 May 2023
News
… fine, Cooperation, Employment, Notification of personal data breach Summary of the Decision Origin of the case The … This documentation contained, inter alia, personal data of the controller's employees and persons who were … fine, Cooperation, Employment, Notification of personal data breach Summary of the Decision Origin of the case …
Commercial prospecting and personal rights: French SA fined GROUPE CANAL+ EUR 600,000
12 October 2023
News
… and modalities for the exercise of the rights of the data subject), Article 13 (Information to be provided where personal data are collected from the data subject), Article 14 … processing), Article 33 (Notification of a personal data breach to the supervisory authority) Decision: …
Commercial prospecting and personal rights: French SA fined NS CARDS FRANCE €105,000
15 January 2024
News
… Article 5 (Principles relating to processing of personal data), Article 12 (Transparent information, communication … and modalities for the exercise of the rights of the data subject), Article 13 (Information to be provided where … carried out two investigations on the company. It found breaches concerning the time user account data was kept, the …
Spanish Data Protection Authority (AEPD) imposes fine on company for not complying with advertisement exclusion
18 August 2020
News
… Spanish Data Protection Authority (AEPD) imposes fine on company for … advertisement exclusion 18 August 2020 Spain The Spanish Data Protection Authority (AEPD) imposed a fine of 1.200 EUR … the promotion. The AEPD considered that this constitutes a breach of Article 48(1)(b) of the Spanish Law 9/2014 General …
Hungarian SA’s decision: failure by an airline company to comply with an erasure request concerning an email address used for direct marketing
2 February 2024
News
… and modalities for the exercise of the rights of the data subject), Article 17 (Right to erasure (‘right to be forgotten’)), Article 25 (Data protection by design and by default) … respect to the Complainant’s request, hence the Company breached Article 12(3) of GDPR when they failed to meet the …
EDPB-EDPS Joint Opinion 2/2021 on standard contractual clauses for the transfer of personal data to third countries
14 January 2021
EDPB/EDPS Joint Opinion
… standard contractual clauses for the transfer of personal data to third countries 14 January 2021 EDPB/EDPS Joint … standard contractual clauses for the transfer of personal data to third countries for the matters referred to in … clauses are suspended or prohibited in the event of the breach of such clauses or if it is impossible to honour …
Guidelines on your rights
… Guidelines on your rights Consent Transparency Personal data breach notifications Right to data portability Guidelines 5/2019 on the criteria of the … Consent Transparency Personal data breach notifications Right to data portability Guidelines …
Polish SA: administrative fine of 5 625 € for failure to implement appropriate technical and organisational measures to ensure security
6 February 2025
News
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Article 5 (Principles relating to processing of personal data) Decision: Administrative fine, Compliance order Key … Administrative fine,Data subject rights, Personal data breach, Principles relating to processing of personal data, …

First page
Previous page
…
4
5
6
7
8
9
10
11
12
…
Next page
Last page