Search results | European Data Protection Board

EDPB Response to Ailidh Callander, Legal Officer (Privacy International)
18 June 2020
Letters
… EDPB Response to Ailidh Callander, Legal Officer (Privacy International) 18 June 2020 Letters EDPB … national supervisory authorities. The role of the European Data Protection Board is to ensure the consistent application of … EDPB Response to Ailidh Callander, Legal Officer (Privacy International) …
Finnish SA: pharmacy company Yliopiston Apteekki issued administrative fine for online shop data protection shortcomings
17 June 2025
Press releases
… Apteekki issued administrative fine for online shop data protection shortcomings 17 June 2025 Finland Background … Article 5 (Principles relating to processing of personal data), Article 25 (Data protection by design and by … Article 5 (Principles relating to processing of personal data), Article 25 (Data protection by design and by …
Polish SA: administrative fine of 2 500 € for the way of collecting the data
28 November 2024
News
… fine of 2 500 € for the way of collecting the data 28 November 2024 Poland Background information Date of … Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security … Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 …
Polish DPA: University Fined for the lack of Data Breach Notifications
26 January 2021
News
… Polish DPA: University Fined for the lack of Data Breach Notifications 26 January 2021 Poland The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 25 000 … The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 25 000 …
The Belgian Data Protection Authority imposes two new fines
28 November 2019
News
… The Belgian Data Protection Authority imposes two new fines 28 November 2019 … has imposed a fine of €5000 on a mayor and a municipal officer in two separate cases. These fines were imposed … The Belgian Data Protection Authority has imposed a fine of €5000 on a …
Polish SA: lack of procedures to protect personal data processed by the press - administrative fine of 13 500 €
7 May 2025
News
… Polish SA: lack of procedures to protect personal data processed by the press - administrative fine of 13 500 … fine, Compliance order Key words: Administrative fine, Data security, Encryption, Personal data breach, Data … In this context, the President of the Personal Data Protection Office carried out a comprehensive inspection …
The Polish supervisory authority imposed first administrative fine on a public entity
31 October 2019
News
… entity 31 October 2019 Poland The President of the Personal Data Protection Office (“The President of the Office”) imposed … was that the mayor of the city did not conclude a personal data processing agreement with the entities to which he … The President of the Personal Data Protection Office (“The President of the Office”) …
Zdravko Vukić elected new Deputy Chair of the European Data Protection Board
19 June 2024
Press releases
… Zdravko Vukić elected new Deputy Chair of the European Data Protection Board 19 June 2024 EDPB Brussels, 19 June - … from 2005 to 2016, he served as a Chief Human Resources Officer in charge of the organisation's employees and legal … - During its latest plenary, the Members of the European Data Protection Board (EDPB) elected Zdravko Vukić, Director …
Polish SA: administrative fine of EUR 1 170 for Social Welfare Centre and EUR 2 341 EUR for Mayor of Aleksandrów for ignoring the risk of ransomware attack
25 September 2025
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 28 … Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), …
Minors: Italian SA sanctions nursery school. Cameras installed without safeguards and photos of children published online
18 November 2025
News
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 7 … are collected from the data subject), Article 35 (Data protection impact assessment), Article 37 (Designation of the data protection officer), Article 38 (Position of the data protection …
Polish SA: administrative fine of EUR 4 022 773 for McDonald’s Polska sp. z o.o. and EUR 43 680 for 24/7 Communication Sp. z o.o. for negligence in risk analysis and safeguards
25 September 2025
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 28 … data subject), Article 38 (Position of the data protection officer) Decision: Administrative fine Key words: …
Polish SA: administrative fine of 262 500 € for hidden video surveillance in neonatology department and failure to implement appropriate security measures
2 May 2025
News
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 13 (Information to be provided where … 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security …
Administrative fine imposed on the Finnish Motor Insurers’ Centre for the collection of unnecessary patient information
8 February 2022
News
… Lawfulness, fairness and transparency (Art. 5(1)(a)), data minimisation (Art. 5(1)(c)), data protection by design and by default (Art. 25(2)) … Lawfulness, fairness and transparency (Art. 5(1)(a)), data minimisation (Art. 5(1)(c)), data protection by design and by default (Art. 25(2)) Decision: …
Polish DPA fines Surveyor General of Poland: Full inspection must be carried out
20 July 2020
News
… be carried out 20 July 2020 The President of the Personal Data Protection Office (UODO), after having conducted an … protection, and whether GGK has appointed a Data Protection Officer. Unfortunately, due to the lack of access by the … The President of the Personal Data Protection Office (UODO), after having conducted an …
Europe Day 2021
7 May 2021
News
… a special webpage. Check it out here to learn more about data protection and privacy in the EU. For more information … a special webpage. Check it out here to learn more about data protection and privacy in the EU. For more information …
EDPB publishes CSC biannual report and work programme 2025-2026
13 February 2025
News
… Information System (IMI) transparency obligations for data controllers . In addition, in July 2023, the CSC … ‘Europol’s information systems - a guide for exercising data subjects’ rights: the right of access, rectification, … programme 2025-2026 . To ensure a continuous high level of protection of individuals’ rights, the Committee will …
Polish DPA Fines ENEA S.A.: A data breach must be notified to the supervisory authority
11 January 2021
News
… Polish DPA Fines ENEA S.A.: A data breach must be notified to the supervisory authority 11 … 000) on ENEA S.A. company for failing to notify a personal data breach. The Personal Data Protection Office (UODO) received information about the … 000) on ENEA S.A. company for failing to notify a personal data breach. The Personal Data Protection Office (UODO) …
Polish SA fines controller EUR 5300 for failure to implement appropriate security measures
20 April 2023
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security … of more than 5 300 EUR (23 580 PLN) on the Disciplinary Officer of the Bar Association for breaching the provisions …
Polish SA: administrative fine of 81 000 € for failure to implement appropriate technical and organisational measures to ensure security
6 February 2025
News
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security … Article 5 (Principles relating to processing of personal data), Article 28 (Processor), Article 34 (Communication of … Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 …
Race to become new EDPB Chair officially kicked off
26 April 2023
News
… end on 15 May 2024. The following Heads of national data protection authorities (DPAs) expressed their interest to … end on 15 May 2024. The following Heads of national data protection authorities (DPAs) expressed their interest to …