28 October 2021
… Reference: GDPR: Article 5 (Principles applying to personal data processing); Article 6 (Lawfulness of processing); … service; inbound calls management; trade union agreements; data minimization Summary of the … found that the company had processed its employees’ data in breach of sector-specific national law and the general …
20 August 2024
… and modalities for the exercise of the rights of the data subject) Article 13 (Information to be provided where personal data are collected from the data subject) Keywords … Privacy statement International transfer Personal data breach Right to erasure Outcome No sanction …
24 May 2024
… intelligence Consistency New Technology Cybersecurity and data breach … Bruselas, 24 de mayo - Durante su último pleno, el …
7 January 2019
… following EDPB opinion 04/2019 for the transfer of personal data between each of the European Economic Area (“EEA”) … administrative arrangement for the transfer of personal data between Each of the European Economic Area (“EEA”) … social identity of that natural person; (e) “personal data breach” means a breach of data security leading to the …
17 September 2024
… Article 5 (Principles relating to processing of personal data) Decision: Administrative fine Key words: Health … had processed, without authorisation, non-anonymous health data, transmitted to its customers in order to carry out … of April 10, 2014). Then, the French SA found two breaches: Failure to comply with the obligation to carry out …
28 November 2024
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Article 5 (Principles relating to processing of personal data) Decision: Administrative fine, Compliance order Key … Administrative fine, Data subject rights, Personal data breach, Principles relating to processing of personal data, …
21 October 2022
… regarding their approval by the Board as European Data Protection Seal pursuant to Article 42.5 (GDPR) 10 … the design choices for a digital euro from the privacy and data protection perspective 10 October 2022 Publication … public consultation. Guidelines 9/2022 on personal data breach notification under GDPR 10 October 2022 Publication …
10 November 2020
… after the company notified the Irish SA of a personal data breach on 8 January 2019. In May 2020, the Irish SA shared … the role of Twitter International Company as the (sole) data controller, and the quantification of the proposed …
4 September 2025
… STYLES SERVICES CO. LIMITED Legal Reference: The French Data Protection Act (Article 82): failure to obtain user … withdrawing consent Decision: Infringement of the French Data Protection Act, Administrative fine Key words: Cookies … it has repeatedly sanctioned organisations for similar breaches and has made its decisions public. The massive …
18 December 2019
… 18 December 2019 Germany The Federal Commissioner for Data Protection and Freedom of Information (BfDI) imposed a … another case, the BfDI imposed a fine of EUR 10. 000 on Rapidata GmbH. Concerning this matter, the Federal Commissioner … The BfDI considers this authentication procedure to be in breach of Article 32 of the GDPR which obliges the company …
23 January 2024
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 12 … and modalities for the exercise of the rights of the data subject), Article 13 (Information to be provided where … from employees. Key Findings The French SA found several breaches of the GDPR regarding: Warehouse stock and order …
30 December 2021
… Article 5 (Principles relating to processing of personal data) Article 13 (Information to be provided where personal data are collected from the data subject) Article 17 (Right … be informed Right to erasure Data retention Personal data breach Data security Password Outcome Administrative fine …
19 July 2023
… information note for individuals and entities transferring data to the U.S.. This note aims to provide concise and … to the U.S., the redress mechanisms available under the Data Privacy Framework (DPF), and the new redress mechanism … a processing, the strengthening of the duty to notify data breaches to the Japanese data protection authority and to …
27 July 2020
… on July 9th on account of several instances of unlawful data processing that were mostly related to marketing. The … similar infringements that had occurred when the previous data protection law was in force. The fine was imposed … activities to call centres, which collected data in breach of the law. The pleadings submitted by Wind Tre and …
15 April 2024
… fine Keywords: own-initiative investigation, biometric data, Data Protection Impact Assessments Summary of the Decision … on the Hellenic Ministry of Migration and Asylum for the breaches found in relation to the cooperation with the …
19 May 2020
… 5 2.2.3 The data processor acts according to instructions (Clause 3 of … .................................... 6 2.2.6 Transfer of data to third countries or international organisations … ................... 7 2.2.8 Notification of personal data breach (Clause 9 of the SCCs) …
16 May 2022
… Controller: The municipality of Reykjavík. Legal Reference: data protection principles (Article 5), lawfulness of processing (Article 6), transparency (Article 13), data protection by design and default (Article 25), joint … SA concluded that the municipality of Reykjavík had breached various provisions of the GDPR using Seesaw. …
24 November 2020
… the City of Stockholm 24 November 2020 Sweden The Swedish Data Protection Authority has reviewed the so-called School … Board of Education in the City of Stockholm. The Swedish Data Protection Authority has received a number of personal data breach notifications from the City of Stockholm's Board of …
5 June 2025
… Article 5 (Principles relating to processing of personal data) Decision: administrative fine Key words: … in this ecosystem, in particular intermediaries who resell data, known as data brokers. Thus, the CNIL carried out … on the market, the financial benefit derived from the breaches and the complete cessation of activity of the …
25 September 2025
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … access to the IT systems was blocked, resulting in a breach of the confidentiality and availability of personal …