15 April 2024
… Article 14 (Information to be provided where personal data have not been obtained from the data subject) Decision: Administrative fine Key words: … websites. Key Findings The French SA found several breaches of the GDPR: Failure of the obligation to have a …
30 June 2025
… and modalities for the exercise of the rights of the data subject), Article 13 (Information to be provided where personal data are collected from the data subject), Article 9 … administrative fine, communication order personal data breach Key words: administrative fine, reprimand to …
19 March 2026
… easing compliance while protecting individuals’ personal data 19 March 2026 EDPB EDPS Brussels, 19 March 2026 – The European Data Protection Board (EDPB) and the European Data … a single-entry point for the notification of personal data breaches , as it would reduce the administrative burden for …
28 November 2024
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), … order Key words: Accountability, Administrative fine, Data subject rights, Hacker attack, National identification … have had a real impact on the occurrence of a personal data breach. Key Findings The President of the Personal Data …
6 February 2025
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Article 5 (Principles relating to processing of personal data), Article 28 (Processor) Decision: Administrative fine, … administrative fine, Data subject rights, Personal data breach, Principles relating to processing of personal data, …
1 December 2022
… 14 of the GDPR) obligation to ensure security of personal data (Article 32 of the GDPR) Decision: administrative fine … and 14 of the GDPR) Failure to ensure security of personal data (Article 32 of the GDPR) Decision Based on findings … public. The amount of the fine was decided considering the breaches observed and the cooperation by the company and all …
… and processors Guidelines 01/2021 on Examples regarding Data Breach Notification - version for public consultation … compliance with the EU level of protection of personal data - version for public consultation Guidelines 4/2019 on … Guidelines 01/2021 on Examples regarding Data Breach Notification - version for public consultation …
16 May 2019
… reference Article 6 (Lawfulness of processing) Keywords Data security Lawfulness of processing Personal data breach Outcome No violation Summary 87.7KB Download Decision … Decision: No liability of the processor Key words: Data breach, Lawfulness of processing, Security of …
2 July 2019
… 32 (4) in relation to Article 32 (1) and (2) of the General Data Protection Regulation in respect of the security of processing. The data controller, WORLD TRADE CENTER BUCHAREST S.A., was … to a fine of 71028 lei, the equivalent of 15,000 Euros. The breach of personal data security consisted in the fact that …
1 February 2021
… known by mothers and fathers-to-be in Belgium, for various breaches of the GDPR. Family Service is a marketing company … lodged at the DPA alleging the company transferred personal data to third parties, including data brokers, without valid consent on the part of the …
18 August 2020
… fine for Rælingen municipality The Norwegian Data Protection Authority has imposed an administrative fine … 47,500 to Rælingen Municipality. The fine is imposed after data concerning health of children with special needs was … started when we received a notification of a personal data breach from the municipality. Upon further investigation of …
… Guidelines During its first plenary meeting the European Data Protection Board endorsed the GDPR related WP29 … of Regulation 2016/679, WP251rev.01 Guidelines on Personal data breach notification under Regulation 2016/679, WP250 rev.01 … During its first plenary meeting the European Data Protection Board endorsed the GDPR related WP29 …
12 February 2021
… that the Swedish Police Authority has processed personal data in breach of the Swedish Criminal Data Act when using Clearview AI to identify individuals. … that the Swedish Police Authority has processed personal data in breach of the Swedish Criminal Data Act when using …
20 November 2024
… Article 5 (Principles relating to processing of personal data), Article 9 (Processing of special categories of personal data) Decision: Administrative fine Key words: Sensitive … carried out by the CNIL in 2021 revealed several breaches, including the collection of sensitive data without …
11 February 2021
… of medical records 11 February 2021 Netherlands The Dutch Data Protection Authority (DPA) has imposed a fine of … security measures couldn’t guarantee that. That’s a serious breach and that’s why the DPA has imposed this fine.’ … medical information, patient records also contain personal data like citizen service numbers, addresses and phone …
5 May 2021
… million fine to Disqus Inc. 5 May 2021 Norway The Norwegian Data Protection Authority has notified Disqus Inc. (Disqus) … it also engages in programmatic advertising. The Norwegian Data Protection Authority was made aware of the matter … In our advance notification, we also consider that Disqus breached the GDPR transparency and information requirements …
22 June 2022
… Legal Reference: Notification of a personal data breach to the supervisory authority (Art. 33), Security of … people on their membership profiles, which is a personal data breach. Trumf has an obligation to report all such … Legal Reference: Notification of a personal data breach to the supervisory authority (Art. 33), Security …
13 May 2021
… of Asker fined 13 May 2021 Norway The Norwegian Data Protection Authority has fined Asker municipality EUR … Municipality was fined for publishing confidential personal data and National Identity Numbers (NID) on its website. The municipality has breached the data protection regulations requirements …
25 March 2019
… The Danish Data Protection Agency proposes a DKK 1,2 million fine for Danish taxi company 25 March 2019 Denmark The Danish Data Protection Agency has issued a statement declaring that … to fine Taxa 4x35 for a total of DKK 1. 2 million for a breach of the GDPR. Taxa 4x35 could be fined for failure to …
8 September 2021
… national case Controller: AG2R LA MONDIALE Legal Reference: Data retention period (Article 5.1.e GDPR), Information … Key words: Insurances, data retention, information Summary of the Decision Origin … comply with articles 5-1-e, 13 and 14 of the GDPR. Decision Breach of Article 5-1-e of the GDPR The company had not …