9 January 2025
… Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation to have a legal basis (Article 6 of the GDPR) Failure to comply with the obligation to define and … to the purpose of the processing (Article 5-1-e of the GDPR) Failure to comply with the obligation to provide …
23 January 2025
… Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation to have a legal basis (Article 6 of the GDPR) Failure to comply with the obligation to define and … to the purpose of the processing (Article 5-1-e of the GDPR) Failure to comply with the obligation to provide …
15 January 2024
… Key Findings The French SA found several breaches of the GDPR: Failure to comply with the obligation to retain data … purpose for which it was collected (article 5.1.e of the GDPR) Failure to comply with the obligation to inform individuals (Articles 12 and 13 of the GDPR) Failure to comply with the obligation to ensure the …
15 April 2024
… Key Findings The French SA found several breaches of the GDPR: Failure of the obligation to have a legal basis for processing data (Article 6 GDPR). The misleading appearance of the data collection … not have a valid legal basis for data collection (Article 6 GDPR) for commercial prospecting by phone calls. It also …
12 September 2022
… Affairs, Greek Seamen’s Fund (NAT) Legal Reference: GDPR: Principles relating to processing of personal data … assessment (Article 35) Decision: Infringement of the GDPR, Reprimand, Administrative fines Key words: Ex officio … (SA), in exercising its ex officio competence under the GDPR and the national Law 4624/2019 , examined the …
7 October 2020
… Register, constitutes unlawful processing (article 6.1 GDPR), as the legal ground for the processing activities in … carrying out a task in the public interest (article 6.1.e. GDPR), and this processing in concreto was not necessary to … data minimisation (resp. article 5.1.d. and article 5.1.c. GDPR.), which means the institution breaches these …
21 December 2021
… of data (Article 9) Decision: Infringement of the GDPR declared and fine imposed Key words: Data sharing, … users. The Authority consider that this was contrary to the GDPR requirements for valid consent. The Authority consider … category data that merit particular protection under the GDPR. As the consents Grindr collected were not valid, …
24 February 2023
… the provisions on international transfers as per Chapter V GDPR : The Guidelines clarify the interplay between the territorial scope of the GDPR (Art. 3) and the provisions on international transfers … design patterns in social media interfaces that infringe on GDPR requirements. The guidelines give concrete examples of …
25 September 2020
… in accordance with the General Data Protection Regulation (GDPR). The topics of direct marketing included various … Article 4(11) of the EU General Data Protection Regulation (GDPR), the consent must be a freely given, specific, … the data subjects’ right to object in accordance with the GDPR. In the controller’s view, it has targeted the …
25 January 2019
… one from Finland, three from Austria) according to Art. 34 GDPR. The information was provided in the respective … one from Finland, three from Austria) according to Art. 34 GDPR. The information was provided in the respective …
5 May 2021
… fine of NOK 25 000 000 for not complying with the GDPR rules on accountability, lawfulness, and transparency. … that this happened because Disqus was unaware that the GDPR applied in Norway, which Disqus’ parent company Zeta … a lawful basis, despite the company being unware that the GDPR applied to data subjects in Norway. Based on our …
21 January 2019
… in accordance with the General Data Protection Regulation (GDPR), for lack of transparency, inadequate information and … as defined in the General Data Protection Regulation (“GDPR”), the CNIL sent these two complaints to its European … assess if it was competent to deal with them. Indeed, the GDPR establishes a “one-stop-shop mechanism” which provides …
31 May 2023
… national case: National case Legal references: Art. 5(1)(a) GDPR, Art. 15 (1)(h) GDPR, Art. 22(3) GDPR Decision: Administrative fine Key words: Algorithms, …
20 July 2022
… case Controller: Clearview AI Inc. Legal Reference: GDPR: Article 3: Territorial scope. Article 5(1)(a) and (2): … not established in the Union. Decision: Infringement of the GDPR, Administrative fine. Key words: Web scraping, Images … and transparency (art. 5 paragraphs 1(a) and (2), 6, 9 GDPR) and its obligations under Articles 12, 14, 15 and 27 …
12 October 2022
… that it wishes to see harmonised at EU level to facilitate GDPR enforcement. This “wish list” is one of the key actions … cooperation in view of strong and swift enforcement of the GDPR. We have identified some obstacles beyond our remit … Data Protection Seal by the EDPB pursuant to Art. 42 (5) GDPR. The Europrivacy certification mechanism is a general …
2 February 2024
… to be collected in compliance with the requirements of the GDPR. During the investigations, the company provided the … of any legal basis. The French SA found two breaches of the GDPR: Failure to comply with the obligation to have a legal basis for the processing of data (Article 6 of the GDPR) Failure to comply with the obligation to implement a …
4 March 2019
… Data Protection Regulation - Regulation (EU) 2016/679 ("GDPR" or "the Regulation). The complainant contended that … that the controller did not infringe the provisions of the GDPR, and consequently dismissed the compliant. … Decision …
12 August 2019
… which did not meet the criteria set out in Art. 7 GDPR and also violated its duty to provide information pursuant to Art. 13, 14 GDPR. Moreover, despite handling sensitive data, no data protection impact assessment, pursuant to Art. 35 GDPR, was carried out. The administrative fine is not final …
25 May 2018
… the greatly anticipated General Data Protection Regulation (GDPR) entered into application and its pre-decessor … role is to safeguard the consistent application of the GDPR, but it has additional competences. It advises the … will be crucial for the success and effectiveness of the GDPR. Agenda First Plenary 224.3KB English Download … Draft …
6 November 2019
… of processing of personal data, specified in the GDPR. The President of the Personal Data Protection Office … actions were also inconsistent with Article 7(3) of the GDPR. The company did not take into account the principle … of the subject rights, as required by Article 12(2) of the GDPR. The proceedings of the President of PDPO established …