16 April 2021
… on the EDPB website. Opinion 14/2021 is based on the GDPR and assesses both general data protection aspects and … on the EDPB website. Opinion 14/2021 is based on the GDPR and assesses both general data protection aspects and …
31 October 2019
… with Article 32 paragraph (1) and paragraph (2) of the GDPR , which led to imposing an administrative fine in the … with Article 32 paragraph (1) and paragraph (2) of the GDPR , as well as of Article 33 paragraph (1) of the GDPR, which led to imposing an administrative fine in the …
6 February 2025
… data. This was because, contrary to the indications of the GDPR the controller had not carried out an adequate risk … so that the processing meets the requirements of the GDPR and protects the rights of data subjects (point I(b) of … to comply with the principle of accountability under the GDPR (Article 5(2)) both before and after the incident. At …
6 February 2025
… bank has failed to comply with its obligations under the GDPR after the personal data of a group of customers was … secrets does not exempt from the application of the GDPR. Decision The President of the Personal Data … 928 498,06 € on mBank for infringement of Article 34 of the GDPR. The fine amount represents 24 thousandths of one per …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) Both the document and the entry were deleted. … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The data subjects concerned were informed in writing … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) This was not a technical error. 6. Subsequent measures …
16 May 2022
… - article 35(2) icw 38(1) Decision: infringement of the GDPR, administrative fines Key words: illegally processing … violations of the General Data Protection Regulation (GDPR). For example, the Tax Administration had no statutory … - article 35(2) icw 38(1) Decision: infringement of the GDPR, administrative fines Key words: illegally processing …
6 July 2021
… required by the General Data Protection Regulation (GDPR) for carrying out direct marketing. The Office of the … their rights as data subjects in accordance with the GDPR, because the robot could not understand the question of … and the method for obtaining it were not compliant with the GDPR, because consent was not requested separately for …
20 March 2019
… relying on the new powers set out in Article 58 of the EU GDPR. The warning was addressed to the Revenue Agency to … the 15 th of April this year, pursuant to Article 35 of the GDPR. The Garante had already emphasized that the Agency … data protection by design approach that is set forth in the GDPR; indeed, the Garante had pointed out that such a …
13 July 2020
… breach or mitigate its adverse effects (Art. 33 (3) (d) GDPR) The company hired a forensics firm to identify network … or public com- munication (Art. 34 (1) or Art. 34 (3) (c) GDPR) The concerned data subjects were informed of the … incident occurred, e.g. encryption (Arti- cle 34 (3) (a) GDPR) - 3 - The stolen passwords were hashed with PBKDF2-SHA …
3 February 2022
… of processing (Article 6). Decision: Infringement of the GDPR, order to comply. Key words: … operations into compliance with the provisions of the GDPR within six months of this decision. For further … of processing (Article 6). Decision: Infringement of the GDPR, order to comply. Key words: …
28 March 2022
… Media Magazines B.V. Legal Reference: article 12 (2) GDPR Decision: Infringement of the GDPR, administrative fine Key words: identity document; … Media Magazines B.V. Legal Reference: article 12 (2) GDPR Decision: Infringement of the GDPR, administrative …
21 April 2022
… data pertaining to a special category of data under the GDPR (health data). The temperature checks were mainly based … of Mobility, which does not meet the criteria of the GDPR, i.e. to be a clear and precise legal standard whose … data pertaining to a special category of data under the GDPR (health data). The temperature checks were mainly based …
11 May 2020
… of Article 56.1 of the General Data Protection Regulation (GDPR). lodged a complaint with the CNIL regarding the … in accordance with the provisions of Article 58.2.b) of the GDPR. Indeed, has to ensure and be able to demonstrate that … manner in relation to them (Articles 5.1.a) and 5.2 GDPR). In addition, pursuant to Articles 17.1 and 21.1 GDPR, …
14 October 2021
… obligations under data protection law (Article 12, 13 GDPR) through this procedure, as the customers were not … permissible at all. This is not explicitly regulated in the GDPR; there are no clear legal requirements in this respect. … obligations under data protection law (Article 12, 13 GDPR) through this procedure, as the customers were not …
1 July 2021
… established by the General Data Protection Regulation (GDPR). Furthermore, the enterprise had failed to fulfil its duty to provide information (Article 13 of the GDPR), its duty to delete the contents of the complainant’s … established by the General Data Protection Regulation (GDPR). Furthermore, the enterprise had failed to fulfil its …
13 May 2021
… fined Basaren Drift AS NOK EUR 20,000 (NOK 200,000) for a GDPR violation. The case relates to CCTV surveillance of … premises. The General Data Protection Regulation (GDPR) requires that all processing of personal data must … fined Basaren Drift AS NOK EUR 20,000 (NOK 200,000) for a GDPR violation. The case relates to CCTV surveillance of …
10 March 2021
… national authorities responsible for enforcement of the GDPR should be entrusted with the oversight of the privacy … the current ePrivacy Directive, and should complement the GDPR by providing additional strong guarantees for … national authorities responsible for enforcement of the GDPR should be entrusted with the oversight of the privacy …
2 September 2024
… the defendant has breached the articles 12.2, 12.3 et 15 GDPR because of the 14 month late reply and because the … sanction is based only on the infringement of article 15 GDPR, since both articles 12.2 et 12.3 were not in the … the defendant has breached the articles 12.2, 12.3 et 15 GDPR because of the 14 month late reply and because the …
12 February 2019
… the Austrian Post has violated several provisions of the GDPR. Specifically, the Austrian DPA is of the opinion that … data the Austrian DPA found this to be contradictory to the GDPR. Furthermore, the Austrian DPA found that the DPIA for … the Austrian Post has violated several provisions of the GDPR. Specifically, the Austrian DPA is of the opinion that …
26 November 2024
… wording of data access in accordance with Art. 15 GDPR and the processes for providing access in a timely … a legal basis, thus violating Art. 5.1(a) and 6(1) of the GDPR. Even though the originally processed data records were … wording of data access in accordance with Art. 15 GDPR and the processes for providing access in a timely …