Search results | European Data Protection Board

Dutch Supervisory Authority imposes a fine on Clearview because of illegal data collection for facial recognition
3 September 2024
News
… (a) of the General Data Protection Regulation (hereinafter: GDPR), read in conjunction with Article 6(1) GDPR. Second, for the purpose of said service, Clearview violates Article 9(1) GDPR, by processing a special category of personal data …
The CNIL, French Supervisory Authority fines FREE EUR 300,000
16 December 2022
News
… FREE Legal Reference: right of access (article 15 of the GDPR), right to erasure (articles 12 and 21 of the GDPR), obligation to secure personal data (Article 32 of the GDPR), obligation to document a personal data breach …
Greek SA: Imposition of fine on association for transmission of sensitive data, failure to facilitate right of access and lack of cooperation with the SA
12 August 2025
News
… Association “Shield of David” Legal Reference(s): GDPR: Article 5. Principles relating to processing of personal data GDPR: Article 12: Transparent information, communication and … for the exercise of the rights of the data subject GDPR: Article 13: Information to be provided where personal …
Irish SA: inquiry into Bank of Ireland Group
6 April 2022
News
… Ireland Group plc Legal Reference: Article 32(1), 33 and 34 GDPR Decision: Infringement of Article 32(1), 33 and 34 GDPR, Order to comply with article 32(1) GDPR, Issued reprimand in respect of all of the …
Commercial prospecting and rights of individuals: EDF France fined 600 000 euros
1 December 2022
News
… Postal and Electronic Communications Code and 7 of the GDPR) obligations of information (Articles 13 and 14 of the GDPR) and to respect the exercise of rights (Articles 13 and 14 of the GDPR) obligation to ensure security of personal data …
Hellenic SA: imposition of a fine and order to comply following a leak of expats’ personal data file
13 September 2024
News
… decision: 27 May 2024 National case Legal Reference (s): GDPR: Article 5.1.a: Principle of lawfulness, fairness and transparency; GDPR: Article 6.1.f: Processing based on legitimate interest; GDPR: Article 14: Information to be provided where personal …
EDPB Launches Data Protection Guide for small business
27 April 2023
News
… compliant. The Guide aims to raise awareness about the GDPR and to provide practical information to SMEs about GDPR compliance in an accessible and easily understandable … tools and practical tips to help them comply with the GDPR. It includes concrete examples gathered during our 5 …
EDPB requests that Irish SA amends WhatsApp decision with clarifications on transparency and on the calculation of the amount of the fine due to multiple infringements
2 September 2021
News
… a dispute resolution decision on the basis of Art. 65 GDPR. This binding decision seeks to address the dispute … supervisory authorities (CSAs). In accordance with the GDPR, the EDPB’s binding decision has now been published, … IE SA already identified a severe breach of Art. 12-13-14 GDPR. The EDPB identified additional shortcomings with the …
Europe’s new data protection rules and the EDPB: giving individuals greater control
25 May 2018
Press releases
… is created by the General Data Protection Regulation (GDPR), which enters into application today. The EDPB, which … authorities to ensure a consistent application of the GDPR throughout the European Union. Andrea Jelinek, Chair of … to protect their personal data. I am convinced that the GDPR gives individuals and supervisory authorities the means …
The Icelandic SA: The municipality of Kópavogur fined ISK 4,000,000 for the use of the Seesaw educational system
2 May 2023
News
… did not meet the minimum requirements (Article 28(3)(a) GDPR) Failure to provide a transparent arrangement for the … out jointly with another data controller (Article 26 GDPR) Failure to demonstrate a lawful ground for all processing operations (Article 6 GDPR) Failure to comply with the obligation to process …
Uirlisí Cuntasachta
… cóid iompair , lena ndírítear ar chur i bhfeidhm cuí an GDPR in earnálacha difriúla próiseála agus i gcineálacha … agus marcanna , lena gcuirtear comhlíonadh cheanglais an GDPR chun cinn i measc eagraíochtaí difriúla. … Foilsímid … cóid iompair , lena ndírítear ar chur i bhfeidhm cuí an GDPR in earnálacha difriúla próiseála agus i gcineálacha …
Simplification of record-keeping obligation: EDPB and EDPS adopt letter to EU Commission
8 May 2025
News
… the simplification of record-keeping obligation under the GDPR, amounting to a targeted amendment of Art. 30(5) GDPR. The joint letter replies to the letter sent by the … how it intends to introduce specific modifications to the GDPR. The EDPB and EDPS understand that a formal …
EDPB adopts first opinion on certification criteria
2 February 2022
News
… 2 February 2022 EDPB The EDPB adopted its opinion on the GDPR-CARPA certification scheme submitted to the Board by … on criteria for a nationwide certification scheme. The GDPR-CARPA certification scheme is a general scheme, which … said: “This opinion is an important step towards greater GDPR compliance. The main aim of certification mechanisms is …
An creat dlí
… Ginearálta an Aontais Eorpaigh maidir le Cosaint Sonraí (GDPR) , a glacadh an 27 Aibreán 2016 agus a foilsíodh in … maidir le Cosaint Sonraí ar fáil anseo . Tháinig an GDPR i bhfeidhm ar 24 Bealtaine 2016 agus tá feidhm aige ó 25 Bealtaine 2018 i leith. Cruthaítear leis an GDPR sraith chomhchuibhithe rialacha is infheidhme maidir …
Europe’s new data protection rules and the EDPB: giving individuals greater control
25 May 2018
Press releases
… is created by the General Data Protection Regulation (GDPR), which enters into application as of today. The EDPB, … authorities to ensure a consistent application of the GDPR throughout the European Union, as well as consistent … data are inherent to human beings. I am convinced that the GDPR gives individuals and supervisory authorities the means …
EDPB adopts Art. 65 decision regarding WhatsApp Ireland
28 July 2021
News
… a dispute resolution decision on the basis of Art. 65 GDPR. The binding decision seeks to address the lack of … its transparency obligations pursuant to Art. 12, 13 & 14 GDPR. On 24 December 2020, the LSA shared its draft decision with the CSAs in accordance with Art. 60 (3) GDPR. The CSAs issued objections pursuant to Art. 60 (4) …
Icelandic SA: the municipality of Hafnarfjörður fined EUR 18.580 for the use of Google Workspace for Education
26 April 2024
News
… of Hafnarfjörður infringed multiple Articles of the GDPR with its use of Google’s educational system i.e.: … accordance with the Regulation (Articles 5, 24(1) & 28(1) GDPR) Data processing agreement did not meet the minimum requirements (Article 28(3)(a) GDPR) Failure to demonstrate a specified, explicit, and …
Icelandic SA: the municipality of Reykjanesbær fined EUR 16.590 for the use of Google Workspace for Education
26 April 2024
News
… of Reykjanesbær infringed multiple Articles of the GDPR with its use of Google’s educational system i.e.: … accordance with the Regulation (Articles 5, 24(1) & 28(1) GDPR) Data processing agreement did not meet the minimum requirements (Article 28(3)(a) GDPR) Failure to demonstrate a specified, explicit, and …
Geolocalisation data: the French SA fines UBEEQO International €175 000
25 July 2022
News
… Legal Reference: Data minimisation (Article 5.1.c GDPR), Retention period (Article 5.1.e GDPR), Information of individuals (Article 12 GDPR) Decision: Administrative fine Key words: Geolocation …
EDPB publishes OSS case digest on Security of Processing and Data Breach Notification
18 January 2024
News
… case digest on Security of Processing (Art. 32 GDPR) and Data Breach Notification (Art. 33 & 34 GDPR) . Since the entry into force of the GDPR, data protection authorities (DPAs) have closely …