3 December 2018
… for a violation of the General Data Protection Regulation (GDPR) in the processing of personal data in your area of … the assertion of your employees. In an e-mail on the 27th of March your customer care explained that for legal … is based on Article 58 paragraph 2 letter b of the GDPR. There was a violation of the GDPR in your area of …
27 January 2023
… health information without an appropriate consent 27 January 2023 Finland Italy Belgium Czech Republic France … that the company did not have the consent required by the GDPR for processing data on body mass indices and maximal … The consent requested did not meet the requirements of the GDPR as it was not specific and informed. The SA finds that …
7 August 2019
… 8 Tel.: +43-1-52152 30258 E-Mail: dsb@dsb.gv.at DVR: 0000027 Ref. No. DSB-D130.081/0001-DSB/2019 clerk: Data … (EU) 2016/679 (General Data Protection Regulation - GDPR), OJ No. L 119, 4.5.2016, p. 1. JUSTIFICATION A. … point of view, it follows: Pursuant to Art. 17 para. 1 GDPR, a data subject has the right to obtain from the …
16 December 2019
… 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of personal data and on the … and of the Council of 27 April 2016 (hereinafter “GDPR”) of all of the personal data processing operations … accessibility of information set out in Article 12 of the GDPR, the Article 29 Working Party guidelines on …
16 June 2020
… 9,973 o Netherlands: 8,290 o Portugal: 7,098 o Austria: 6,327 o Hungary: 5,379 o Romania: 5,017 o Sweden: 4,303 o … breach or mitigate its adverse effects (Art. 33 (3) (d) GDPR) The passwords of affected users were blocked and … or public com- munication (Art. 34 (1) or Art. 34 (3) (c) GDPR) The persons concerned were informed about the incident …
10 May 2019
… processing of the complainant’s data as per Article 58.1(a) GDPR, in particular as regards the limitation of the … 2013, opened a account on This account was suspended on 27 November 2016 due to non-compliance with policies for … of the obligations set out in Regulation (EU) 2016/679 (GDPR) by . As the complaint has only a limited personal …
17 December 2019
… required for the notifi- cation pursuant to Art. 33 GDPR, including the technical information of the hacked … of the incident and the measures taken, so that Art. 34 GDPR was also complied with. Causes of the injury A hacker … of our PGP-Key: D3C9 AEEA B403 7F96 7EF6 C77F B607 1D0F B27C 29A7 Office hours Daily from 10 am to 3 pm, Thursdays …
27 June 2023
… 204 for processing credit information without a legal basis 27 June 2023 Iceland Background information Date of … lawful ground for all processing operations (Article 6 (1) GDPR) Failure to comply with the obligation to process … fairly and in a transparent manner (Article 5(1)(a) GDPR) Decision No provision that clearly stipulates the …
18 June 2020
… of personal data. In accordance with Article 56 of the GDPR1, the Danish DPA has been designated as the lead … set out in Article 32(1), Article 5(1)(a) and Article 33(1) GDPR. Below is a closer look at the case and a justification … Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with …
27 June 2018
… State of play - IMI for GDPR purposes 27 June 2018 EDPB It has been just a month ago that the General Data Protection Regulation (GDPR) entered into application, the long awaited revamp of … a month ago that the General Data Protection Regulation (GDPR) entered into application, the long awaited revamp of …
27 February 2019
… of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision Type SA Liechtenstein 27 February 2019 Data Protection Impact Assessment (DPIA) … of a data protection impact assessment (Article 35.4 GDPR) … 1 List of processing operations according to Art. 35 (4) GDPR, for which the Data Protection Authority (DSS) as the …
3 December 2024
… Guidelines 02/2024 on Article 48 GDPR Guidelines 02/2024 on Article 48 GDPR Start Date: 03 December 2024 End Date: 27 January 2025 Public consultation reference: 02/2024 … Guidelines 02/2024 on Article 48 GDPR …
27 June 2023
… 141 for processing credit information without a legal basis 27 June 2023 Iceland Background information Date of … lawful ground for all processing operations (Article 6 (1) GDPR) Failure to comply with the obligation to process … fairly and in a transparent manner (Article 5(1)(a) GDPR) Decision No provision that clearly stipulates the …
13 October 2021
… 2021 Norway Background information Date of final decision: 27 September 2021 Cross-border case or national case: … Controller: Ferde AS Legal Reference: Processor (ARTICLE 28 GDPR), Security of Processing (ARTICLE 32 GDPR), General principle for transfers (ARTICLE 44 GDPR) …
12 May 2022
… on the calculation of administrative fines under the GDPR Guidelines 04/2022 on the calculation of administrative fines under the GDPR Start Date: 16 May 2022 End Date: 27 June 2022 Public consultation reference: 04/2022 … on the calculation of administrative fines under the GDPR …
13 September 2024
… 2024 Greece Background information Date of final decision: 27 May 2024 National case Legal Reference (s): GDPR: Article 5.1.a: Principle of lawfulness, fairness and transparency; GDPR: Article 6.1.f: Processing based on legitimate … decision: 27 May 2024 National case Legal Reference (s): GDPR: Article 5.1.a: Principle of lawfulness, fairness and …
23 June 2020
… based on Articles 33-34 of the Regulation (EU) 2016/6791 (’GDPR’) concerning the data breach notified to the NAIH on … fully complied with the provisions of Articles 33-34 of the GDPR. Based on the data breach notification and the … 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with …
6 April 2022
… Ireland Group plc Legal Reference: Article 32(1), 33 and 34 GDPR Decision: Infringement of Article 32(1), 33 and 34 GDPR, Order to comply with article 32(1) GDPR, Issued … Protection Commission (DPC) between 9 November 2018 and 27 June 2019. The notifications related to the corruption of …
5 August 2020
… August 2020 535.1000 A56ID 75410 CR 126887 DD 126889 FD 142710 Final Decision 1. Facts concerning the data breach - … breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) The passwords of the affected accounts have been … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The controller has notified all data subjects and …
20 July 2022
… case Controller: Clearview AI Inc. Legal Reference: GDPR: Article 3: Territorial scope. Article 5(1)(a) and (2): … not established in the Union. Decision: Infringement of the GDPR, Administrative fine. Key words: Web scraping, Images … 9 GDPR) and its obligations under Articles 12, 14, 15 and 27 of the GDPR. Decision: The Hellenic DPA imposed a fine …