13 July 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) Once the activities were detected, the passwords of … of our PGP-Key: D3C9 AEEA B403 7F96 7EF6 C77F B607 1D0F B27C 29A7 Office hours Daily from 10 am to 3 pm, Thursdays … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) All data subjects concerned were notified on 6 …
4 September 2020
… of our PGP-Key: D3C9 AEEA B403 7F96 7EF6 C77F B607 1D0F B27C 29A7 Office hours Daily from 10 am to 3 pm, Thursdays … breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) The password for the affected account has been reset; … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The controller has informed all data subjects …
5 August 2020
… 631.183.3 Berlin, 5 August 2020 535.1479 A56ID 109234 CR 129278 DD 129284 FD 142719 Final Decision 1. Facts concerning … breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) Both the document and the entry were deleted. … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The data subjects concerned were informed in writing …
2 June 2022
… cooperation to investigate compliance of this website with GDPR. After the working group was formed, the Dutch … priority for the EDPB. At a meeting held in Vienna on 27-28 April 2022, EDPB members agreed to further strengthen … cooperation to investigate compliance of this website with GDPR. After the working group was formed, the Dutch …
17 June 2025
… 2025 Finland Background information Date of final decision: 27 May 2025 National case Legal Reference (s): Article 5 … was found to have infringed Articles 32 and 5.1.f of the GDPR. An administrative fine was imposed on Yliopiston … was found to have infringed Articles 32 and 5.1.f of the GDPR. An administrative fine was imposed on Yliopiston …
7 December 2023
… - Following the EDPB’s urgent binding decision of October 27th 2023 , the Irish data protection authority (IE DPA) … adopted an order imposing a temporary ban under Art. 66 (1) GDPR on Meta IE and Facebook Norway AS (“Facebook Norway”) … EDPB concluded that there are ongoing infringements of the GDPR and there is an urgent need to act in light of the …
7 April 2020
… the Berlin DPA of the data breach pursuant to Art. 33 GDPR and notified the data subjects, including the complainant, ac- cording to Art. 34 GDPR. (Please see IMI A60DD 102273 for the draft deci- sion about the notified data …
17 December 2019
… required for the notifi- cation pursuant to Art. 33 GDPR, including the technical information of the hacked … of the incident and the measures taken, so that Art. 34 GDPR was also complied with. Causes of the injury A hacker … of our PGP-Key: D3C9 AEEA B403 7F96 7EF6 C77F B607 1D0F B27C 29A7 Office hours Daily from 10 am to 3 pm, Thursdays …
27 September 2019
… of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision Type SA Netherlands 27 September 2019 Data Protection Impact Assessment (DPIA) … of a data protection impact assessment (Article 35.4 GDPR) … 1 State Current 2019 No 6441827 November 2019 …
13 July 2020
… 13 July 2020 631.87 535.699 A56ID 74975 CR 82038 RD 129527 FD 135778 Final Decision The Berlin DPA closes the case. … breach or mitigate its adverse effects (Art. 33 (3) (d) GDPR) The company hired a forensics firm to identify network … or public com- munication (Art. 34 (1) or Art. 34 (3) (c) GDPR) The concerned data subjects were informed of the …
10 October 2019
… (registered internally with file number CDP/IMI/LSA/27/2018) received from the Berlin Commissioner for Data … enshrined under the General Data Protection Regulation 1 ("GDPR" or the "Regulation"). The complainant contended that … this Office is not in line with what is expected under the GDPR. The submissions included the following principal …
10 May 2019
… processing of the complainant’s data as per Article 58.1(a) GDPR, in particular as regards the limitation of the … 2013, opened a account on This account was suspended on 27 November 2016 due to non-compliance with policies for … of the obligations set out in Regulation (EU) 2016/679 (GDPR) by . As the complaint has only a limited personal …
3 June 2020
… has the following reference number: INC000002310272. 1. Decision Following a review of the case, the Danish … Article 32(1) of the General Data Protection Regulation (GDPR). The reprimand is issued in accordance with the rules … personal data. According to Article 5(1)(f) of the GDPR, personal data must be processed confidentially, such …
23 June 2020
… based on Articles 33-34 of the Regulation (EU) 2016/6791 (’GDPR’) concerning the data breach notified to the NAIH on … fully complied with the provisions of Articles 33-34 of the GDPR. Based on the data breach notification and the … 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with …
8 February 2022
… for claims handling. This practice has violated the GDPR. The Data Protection Ombudsman notes that the Traffic … for the collection of unnecessary patient information (27 January 2022) Decision of the Data Protection Ombudsman … for claims handling. This practice has violated the GDPR. The Data Protection Ombudsman notes that the Traffic …
2 October 2019
… Register entry 58950 - IMI A60DD 74979 Dear colleagues, on 27 August 2019, the above-mentioned draft decision was … cross-border processing under Art. 4 No. 23 lit. b GDPR, the ÖDSB initiated an Art. 56 identification procedure … controller’s main establishment in is according to art. 56 GDPR and § 19 Federal Data Protection Act the lead su- …
21 December 2018
… of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision Type SA Slovenia 21 December 2018 Data … Download Opinion / Binding decision References Opinion 27/2018 on the draft list of the competent supervisory … of a data protection impact assessment (Article 35.4 GDPR) … 1 Number: 014-1/2018/12 Date: 21 December 2018 …
24 February 2022
… 2022 Hungary Background information Date of final decision: 27 October 2021 (deadline for appeals: 3 December 2021) … to data subjects under Article 12(1) and Article 13 of the GDPR; data minimisation under Article 5(1)(c); legal basis … under Article 6(1) Decision: finding an infringement of the GDPR, order to bring practices into line with the GDPR, data …
26 June 2019
… 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with … safeguards in the processing, in order to meet the GDPR requirements and to protect the rights of the data … statement/details. Pursuant to Article 5 (1) c) of GDPR (“Principles relating to processing of personal data”), …
10 March 2022
… of controllers not established in the Union (Article 27). Decision: The Italian SA imposed a fine amounting to … the company infringed several fundamental principles of the GDPR, such as transparency, purpose limitation, and storage … the company infringed several fundamental principles of the GDPR, such as transparency, purpose limitation, and storage …