… developed as part of the EDPB 2021-2023 Strategy to help Data Protection authorities (DPAs) increase their capacity … techniques, Risk analysis and attacks with respect to data re-identification (including inference attacks), … foundations of cryptography DPIA, personal data breaches, risk management Data science or statistical …
3 January 2024
… 2023 Cross-border case Hungarian National Authority for Data Protection and Freedom of Information (Hungarian … Supervisory Authority, SA) and CSAs: Office for Personal Data Protection of the Slovak Republic (Slovak Supervisory … respective responsibilities. , The Foundation was found in breach of Article 26(1) of the GDPR, as the cooperation …
21 January 2019
… the company GOOGLE LLC, in accordance with the General Data Protection Regulation (GDPR), for lack of transparency, … ads personalization. On 25 and 28 May 2018, the National Data Protection Commission (CNIL) received group complaints … the CNIL’s restricted committee responsible for examining breaches of the Data Protection Act observed two types of …
28 January 2020
… Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility … reference: 1/2020 Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility … connected vehicles are critical systems where a security breach may endanger the life of its users and Adopted - …
25 November 2019
… Communications SA was sanctioned with a reprimand for the breach of provisions of Article 32 paragraph (1) letter b) … Communications SA could not prove the accuracy of the data processed, which led to the violation of the basic principle for data processing provided by Article 5 paragraph (1) letter …
14 August 2024
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Keywords Personal data breach Outcome Administrative fine decision-no-1400.pdf …
7 February 2024
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Keywords Clients Data security Phishing emails Personal data breach Outcome Compliance order …
10 June 2021
… patient website 10 June 2021 Netherlands The Dutch Data Protection Authority (DPA) has imposed a €12,000 fine … website. As a result, patients’ sensitive personal data, such as their citizen service number (BSN), could have … case. If the confidentiality of sensitive personal data is breached, this could put people at serious risk. It could, …
2 September 2024
… and modalities for the exercise of the rights of the data subject), Article 15 (Right to access by the data subject) Decision: Administrative fine Key words: … the modalities of the right to access, the defendant has breached the articles 12.2, 12.3 et 15 GDPR because of the …
15 December 2020
… 15 4 The processing of silent party data … 16 4.1 Silent party data … 16 4.3 Further processing of personal data of the silent … 16 5 The processing of special categories of personal data under the PSD2 ....................................... … the risks of payment fraud as an example36. Where a data breach involves financial data, the data subject may be …
4 November 2021
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Keywords Personal data breach Data security Fraud Third party access to personal …
6 July 2022
… (Article 21), Information to be provided where personal data have not been obtained from the data subject (Article 14), Information, communication and … The amount of this fine was decided in the light of the breaches identified as well as all the measures taken by the …
5 May 2022
… and fine imposed Key words: special categories of personal data, unauthorised access Summary of the Decision Origin … of 21 attachments contained special categories of personal data, see Article 9 (1) of the GDPR. The municipality … Authority also received notice of a personal data breach from Lillestrøm Municipal Council on 29 September. …
4 October 2023
… Article 5 (Principles relating to processing of personal data) Article 15 (Right of access by the data subject) Article 34 (Communication of a personal data breach to the data subject) Keywords Data minimisation Data …
20 October 2022
… AI Legal Reference: Lawfulness of processing of personal data (article 6 of the GDPR), Rights of individuals … AI formal notice to cease the collection and use of data of persons on French territory in the absence of a … Key Findings Unlawful processing of personal data (breach of article 6 of the GDPR) Individuals' rights not …
13 May 2021
… 1, letters a) and c) (lawfulness, fairness, transparency; data minimisation); Article 6 (Lawful processing); Article 9 (Processing of special category data); Article 13 (Information); Article 35 (DPIA); Article … nature of the information that had been processed in breach of the law. Additionally, the municipality was …
12 May 2023
… Infringement of the GDPR, Order to erase complainant’s data, Order to name an Article 27 representative Key words: Facial recognition; biometric data Summary of the Decision Origin of the case … The permanent storage of personal data also constitutes a breach of data minimisation principle. Article 9(1): The …
6 January 2021
… and modalities for the exercise of the rights of the data subject) Article 32 (Security of processing) Keywords Personal data breach Data security Password Data subject rights …
25 September 2025
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 28 … processing), Article 33 (Notification of a personal data breach to the supervisory authority) Decision: …
2 May 2025
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 13 (Information to be provided where … to the President of the Personal Data Protection Office a breach involving the loss or theft of memory cards from the …