Search results | European Data Protection Board

Polish SA: administrative fine of 210 € for failure to notify personal data breach to supervisory authority
28 November 2024
News
… Office then explained the procedure resulting from the GDPR. In the case of such an incident, the risk to which the … a fine of 210 € for infringement of Article 33 of the GDPR. For further information: Decision in national … Office then explained the procedure resulting from the GDPR. In the case of such an incident, the risk to which the …
Supervisory authorities of the Baltic States launch of coordinated inspection of the compliance of personal data processing in the field of short-term vehicle rental
27 July 2022
News
… the application of the General Data Protection Regulation (GDPR) and so proactively address potential threats to … the application of the General Data Protection Regulation (GDPR) and so proactively address potential threats to …
Decision in the matter of Meta Platforms Ireland Limited and the "Instagram" social media network made pursuant to Section 111 of the Data Protection Act 2018
15 September 2022
Binding decision of the Board (Art. 65)
… Ireland Limited (Instagram) under Article 65(1)(a) GDPR …
Verhaltensregeln / Code of Conduct für die Ausübung des Gewerbes der Bilanzbuchhaltungsberufe (Bilanzbuchhalter, Buchhalter, Personalverrechner)
6 November 2020
Decision by the SA
… Austria Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body 1) DSGVO-ZT GmbH, …
Code of Conduct concerning the Protection of Personal Data Processed in Small Medical Facilities
14 December 2022
Decision by the SA
… Poland Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body RS Jamano Ltd Pursuant …
Code of Conduct for the processing of personal data by private research agencies
24 November 2025
Decision by the SA
… Poland Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body Omni Modo sp. z o.o. …
Código de Conducta tratamiento de datos en la actividad publicitaria / Code of Conduct data processing in advertising activities
10 October 2023
Decision by the SA
… Spain Type Code for Controllers/Processors subject to GDPR Scope National Opinion/Guideline References Guidelines …
General Court: WhatsApp annulment action inadmissible
7 December 2022
News
… a draft decision of the Irish DPA concerning WhatsApp IE’s GDPR transparency obligations to both users and non-users of … a draft decision of the Irish DPA concerning WhatsApp IE’s GDPR transparency obligations to both users and non-users of …
Personal data breach at the Breiðholt Upper Secondary School – Administrative fine
10 March 2020
News
… violations of, inter alia, Art. 5(1)f and Art. 32 of the GDPR. When determining the fine, the SA referred to the … violations of, inter alia, Art. 5(1)f and Art. 32 of the GDPR. When determining the fine, the SA referred to the …
Italian DPA imposes limitation on processing on TikTok after the death of a Girl from Palermo
26 January 2021
News
… with certainty. The SA decided to take urgent measures (GDPR, art. 58, comma 2, lett. f) and art. 66, comma 1) … with certainty. The SA decided to take urgent measures (GDPR, art. 58, comma 2, lett. f) and art. 66, comma 1) …
Polish DPA fines Warsaw University of Life Sciences (SGGW)
11 September 2020
News
… of confidentiality and accountability specified in the GDPR. It is worth noting that the personal data of … of the principle of storage limitation provided for in the GDPR. Moreover, in the course of the conducted proceedings … of confidentiality and accountability specified in the GDPR. It is worth noting that the personal data of …
Finnish DPA imposed three administrative fines for data protection violations
27 May 2020
News
… had not made the impact assessment required by the GDPR before starting to process the location data. The … controller’s documentation related to compliance with the GDPR. The company had asked for information on matters such … had not made the impact assessment required by the GDPR before starting to process the location data. The …
Polish DPA: The incident must be notified to the supervisory authority and the data subjects
30 June 2021
News
… therein in accordance with the requirements under the GDPR. The Polish DPA asked the Foundation to indicate … proceedings against the Foundation. Pursuant to the GDPR, in case of a personal data breach, the controller … therein in accordance with the requirements under the GDPR. The Polish DPA asked the Foundation to indicate …
EDPBI:UK:OSS:D:2019:50
11 September 2019
… to erasure (Article 17) Decision: No infringement of the GDPR Key words: Lawfulness of the processing, Right to …
EDPBI:BE:OSS:D:2019:19
17 May 2019
… subject, thus violating its obligations under Article 12.3 GDPR. The LSA considers that the deadline to answer the …
The Norwegian SA issues fine to the Municipality of Østre Toten for flawed information security
7 July 2022
News
… the controller (Article 24) Decision: Infringement of the GDPR, Order to comply Key words: Cyber attack, Ransomware, … the controller (Article 24) Decision: Infringement of the GDPR, Order to comply Key words: Cyber attack, Ransomware, …
The Norwegian SA issues fine to the Norwegian Public Service Pension Fund
24 November 2021
News
… 5), Legal basis (Article 6) Decision: Infringement of the GDPR Key words: Income Data, Lack of Procedures, Special … 5), Legal basis (Article 6) Decision: Infringement of the GDPR Key words: Income Data, Lack of Procedures, Special …
The Icelandic SA: HEI medical travel agency fined for an unlawful use of an e-mail address and not handling an access request
24 May 2022
News
… right of access (Article 15) Decision: infringement of the GDPR, fine 1.5 million ISK (approx. 10.700 Euros). Key … right of access (Article 15) Decision: infringement of the GDPR, fine 1.5 million ISK (approx. 10.700 Euros). Key …
Swedish SA: Administrative fine against bank for transferring customer data to Meta
2 September 2024
News
… bank has violated the general data protection regulation, GDPR, by not having taken appropriate technical and … bank has violated the general data protection regulation, GDPR, by not having taken appropriate technical and …
El CEPD adopta una declaración sobre la garantía de la edad, crea un grupo de trabajo sobre la aplicación de la IA y formula recomendaciones a la AMA
12 February 2025
Press releases
… marco jurídico que promueve la innovación responsable. El GDPR ha sido diseñado para mantener altos estándares de … marco jurídico que promueve la innovación responsable. El GDPR ha sido diseñado para mantener altos estándares de …