2 June 2021
… EDPB. In 2020, the EDPB issued 32 Opinions under Art. 64 GDPR. Most of these Opinions concern draft accreditation … first dispute resolution decision on the basis of Art. 65 GDPR. The binding decision addressed the dispute that arose … reasoned objections expressed by a few Concerned SAs. The GDPR requires the EEA SAs to cooperate closely to ensure the …
14 July 2022
… of the rights in the Proposal is not consistent with the GDPR and there is a substantial risk of legal uncertainty … of the different rights between the Proposal and the GDPR.” EDPS Supervisor Wojciech Wiewiórowski said : “ Health … the Commission’s efforts to align the Proposal with the GDPR provisions when personal data is involved, they note …
12 January 2022
… consultation) Opinion 39/2021 on whether Article 58(2)(g) GDPR could serve as a legal basis for a supervisory … consultation) Opinion 39/2021 on whether Article 58(2)(g) GDPR could serve as a legal basis for a supervisory …
14 March 2018
… their rights and obligations. We are also empowered by the GDPR to make binding decisions towards national supervisory … their rights and obligations. We are also empowered by the GDPR to make binding decisions towards national supervisory …
28 January 2025
… compartir e iniciar sesión, deja un rastro digital. El GDPR garantiza que sus datos solo se puedan usar de la … compartir e iniciar sesión, deja un rastro digital. El GDPR garantiza que sus datos solo se puedan usar de la …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) The passwords of the affected accounts have been … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The controller has notified all data subjects and … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) No particular measures beyond the standard IT security …
4 November 2024
… failed to demonstrate compliance with Article 6 of the GDPR in accordance with the accountability principle. … decided that there is no legal basis under Article 6 of the GDPR for the broadcast of the CCTV footage of employees … of the national Data Protection Act and Article 13 of the GDPR since the company also failed to inform data subjects …
4 October 2022
… Data Protection Act), Article 5.1(c) and 6.1(f) of the GDPR Decision: Order to comply Key words: GPS tracking … processing the personal data pursuant to Article 6 of the GDPR. Decision The Slovenian SA was assessing whether … was lawful in accordance to Article 6.1 (f) of the GDPR – legitimate interests. Slovenian SA confirmed that …
25 May 2018
… all the tasks it is required to carry out under the GDPR. The EDPB Secretariat is composed of legal experts, … all the tasks it is required to carry out under the GDPR. The EDPB Secretariat is composed of legal experts, …
26 August 2024
… as a company in Belgium. Based on Article 60.8 of GDPR, the decision to reject the complaint was made by the … of Articles 12.1, 12.2, 12.3, 12.4, 17, 24 and 25.1 GDPR as stated by the complainant, as it was shown by the … data erasure. The Belgian SA found violations of the GDPR outside the scope of the complaint, which will be …
10 June 2022
… Insurance Against Occupational Accidents. Legal Reference: GDPR: Art. 5.1, letters a) and f) (lawfulness, fairness and … personal data). Decision: finding of infringements of the GDPR (imposition of administrative fine); finding of data … users’) personal data including health data (Art. 4.10 GDPR), which amounted to the unauthorised disclosure of …
27 June 2023
… lawful ground for all processing operations (Article 6 (1) GDPR) Failure to comply with the obligation to process … fairly and in a transparent manner (Article 5(1)(a) GDPR) Decision No provision that clearly stipulates the … data unlawfully and against Articles 5(1)(a) and 6(1) GDPR, as the company could not rely on any legal basis. …
13 October 2020
… IP address, refers to Art. 6 para. 1 sentence 1 lit. f GDPR. sees the legitimate interest in the processing of … attacks, in particular to meet the requirements of Art. 32 GDPR and § 13 para. 7 TMG. Furthermore, the method aims at … risks" in the sense of Art. 6 para. 1 sentence 1 lit. f GDPR. 3 III. Legal assessment The Brandenburg Commissioner …
3 February 2022
… Regulation (EU) 611/2013 Decision: Infringement of the GDPR, Fines imposed Key words: GDPR, Data breach, Security, Data protection impact … ΟΤΕ S.A. was found to have infringed Article 32 of the GDPR due to inadequate security measures taken in relation …
20 November 2024
… and processing by COSMOSPACE (Article 5.1.c of the GDPR) Failure to comply with the obligation to retain data … limited to the intended purpose (Article 5.1.e of the GDPR) Failure to comply with the obligation to obtain prior … special categories of personal data (Article 9 of the GDPR) Failure to comply with the obligation to obtain …
19 March 2019
… constituted violations of both art. 5(1)f and art. 32 GDPR. Consequently the supervisory authority issued an … that the data security was inadequate. - In the GDPR, children are defined as a particularly vulnerable … trust the public sector, says director Bjørn Erik Thon. The GDPR stipulates that administrative fines shall be …
28 November 2024
… took place, but in his opinion there was no breach of the GDPR provisions. However, the proceeding conducted by the … the DPA revealed a breach of a number of provisions of the GDPR, including those relating to personal data security. … € for infringement of Articles 24, 25, 32, 33 and 34 of the GDPR. In the decision, the President of the Personal Data …
17 October 2023
… In its decision, IMY states that H&M has violated the GDPR by not ceasing to handle the complainants' personal … 28 500 EUR) against the company for violations of the GDPR. For further information: H&M har gjort det onödigt … In its decision, IMY states that H&M has violated the GDPR by not ceasing to handle the complainants' personal …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) Both the document and the entry were deleted. … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The data subjects concerned were informed in writing … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) This was not a technical error. 6. Subsequent measures …
15 November 2022
… BCR applications since the entering into application of the GDPR. The recommendations provide additional guidance and … essentially equivalent to the one provided by the GDPR. The aim of these recommendations is to: provide an … BCR applications since the entering into application of the GDPR. The recommendations provide additional guidance and …