Search results | European Data Protection Board

Data Pro Code
20 August 2020
Decision by the SA
… Netherlands Type Code for Controllers/Processors subject to GDPR Scope National Opinion/Guideline References Guidelines …
CoC regulating the sector of job agencies
11 January 2024
Other
… Italy Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body (website under …
March Plenary - adopted documents
21 March 2022
News
… Guidelines 02/2022 on the application of Article 60 GDPR 14 March 2022 Publication Type: Guidelines Topics: …
Dutch SA fines Booking.com for delay in reporting data breach
10 December 2020
News
… authority, article 33 (1) Decision: Infringement of the GDPR, administrative fine Key words: Data breach, delayed … authority, article 33 (1) Decision: Infringement of the GDPR, administrative fine Key words: Data breach, delayed …
Finnish SA: Administrative fine on business directory operator for infringements of the right to obtain call recordings
6 July 2023
News
… method of delivering call recordings in accordance with the GDPR. Neither did the company inform the Finnish SA of … method of delivering call recordings in accordance with the GDPR. Neither did the company inform the Finnish SA of …
Icelandic SA: administrative fine imposed on the Primary Health Care of the Capital area for the unlawful processing in relation to the integration of medical record systems.
7 March 2025
News
… lawfulness of the processing (Articles 5.1 (a), 6.1 and 9.1 GDPR). Decision The Icelandic SA imposed a fine of 33 854 … lawfulness of the processing (Articles 5.1 (a), 6.1 and 9.1 GDPR). Decision The Icelandic SA imposed a fine of 33 854 …
Polish DPA imposes a fine on Warsaw University of Technology for not complying with its obligation
14 January 2022
News
… (Art. 32(1), Art. 32(2)) Decision: infringement of GDPR, fine issued Key words: principles, processing, … (Art. 32(1), Art. 32(2)) Decision: infringement of GDPR, fine issued Key words: principles, processing, …
Polish DPA imposes a fine on Pactum Poland Sp. z o.o. for lack of cooperation
24 February 2022
News
… 31), Powers (Art. 58 (1)(e)) Decision: infringement of GDPR, fine issued Key words: investigative powers, lack of … 31), Powers (Art. 58 (1)(e)) Decision: infringement of GDPR, fine issued Key words: investigative powers, lack of …
Enforcement notice in the matter of Meta Platforms Ireland Limited made pursuant to Sections 133(9) and 133(10) of the Data Protection Act, 2018 and Articles 60 and 66 of the General Data Protection Regulation
7 December 2023
Urgent Binding decision of the Board (Art. 66)
… measures regarding Meta Platforms Ireland Ltd (Art. 66(2) GDPR) … Enforcement notice in the matter of Meta Platforms …
Vinted investigation signals closer and stronger cooperation between personal data protection supervisory authorities
2 June 2022
Press releases
… cooperation to investigate compliance of this website with GDPR. After the working group was formed, the Dutch … cooperation to investigate compliance of this website with GDPR. After the working group was formed, the Dutch …
Polish SA imposed fine for failing to implement appropriate technical and organisational measures
31 May 2023
News
… characteristics of a data breach within the meaning of the GDPR. The Polish SA, taking into account the scope of … characteristics of a data breach within the meaning of the GDPR. The Polish SA, taking into account the scope of …
Norwegian Supervisory Authority: Mowi ASA reprimanded and ordered to update its procedures
26 April 2022
News
… Key Findings This case is an important reminder that the GDPR's requirement to provide information also applies when … Key Findings This case is an important reminder that the GDPR's requirement to provide information also applies when …
The Norwegian Supervisory Authority has fined the Norwegian Labour Inspection Authority
16 May 2022
News
… by the data subject (Art. 15) Decision: Infringement of the GDPR and fine imposed, Reprimand Key words: Credit rating … by the data subject (Art. 15) Decision: Infringement of the GDPR and fine imposed, Reprimand Key words: Credit rating …
Norwegian Supervisory Authority issues fine to Trumf
22 June 2022
News
… of Processing (Art. 32) Decision: Infringement of the GDPR and fine imposed Key words: unauthorised access, Lack … of Processing (Art. 32) Decision: Infringement of the GDPR and fine imposed Key words: unauthorised access, Lack …
Swedish DPA: Incorrect use of 24/7 surveillance of firefighters
10 June 2021
News
… of the Rescue Service in Östra Skaraborg for violations of GDPR. The camera surveillance has recently ceased. For … of the Rescue Service in Östra Skaraborg for violations of GDPR. The camera surveillance has recently ceased. For …
Personal data breach at the National Center of Addiction Medicine – Administrative fine
10 March 2020
News
… violations of, inter alia, Art. 5(1)f and Art. 32 of the GDPR. When determining the fine, the SA referred to the … violations of, inter alia, Art. 5(1)f and Art. 32 of the GDPR. When determining the fine, the SA referred to the …
EuroPriSe
… processing operations by processors in accordance with the GDPR using the EuroPriSe method Type of criteria National …
Polish SA: Not just negative consequences, but the risk of their occurrence as a reason for breach notification
3 March 2022
News
… data subject (Article 34(1)) Decision: Infringement of the GDPR, administrative fine Key words: information … data subject (Article 34(1)) Decision: Infringement of the GDPR, administrative fine Key words: information …
EDPB-EDPS Joint Opinion 1/2021 on standard contractual clauses between controllers and processors
14 January 2021
EDPB/EDPS Joint Opinion
… Directive 95/46/EC (General Data Protection Regulation or “GDPR”) establishes, in its Article 28, a set of provisions … be incorporated in it. 2. According to Article 28 (3) GDPR, the processing by a processor shall be governed by a … on behalf of the controller. 3. Under Article 28 (6) GDPR, without prejudice to an individual contract between …
The Icelandic SA: fine imposed on Harpa Concert Hall for the collection of the ID number and date of birth of a data subject
24 May 2022
News
… of processing (Article 6) Decision: infringement of the GDPR, order to comply, fine 1 million ISK (approx. 7.200 … of processing (Article 6) Decision: infringement of the GDPR, order to comply, fine 1 million ISK (approx. 7.200 …