Search results | European Data Protection Board

Simon-Kucher & Partners
1 July 2015
… of the Group’s respective regular business activities Pre-GDPR Yes … Simon-Kucher & Partners …
ARDIAN(previously known as AXA PRIVATE EQUITY)
1 July 2013
… of the Group’s respective regular business activities. Pre-GDPR Yes … ARDIAN(previously known as AXA PRIVATE EQUITY) …
Marsh and McLennan Companies Inc.
1 July 2017
… of the Group’s respective regular business activities. Pre-GDPR Yes … Marsh and McLennan Companies Inc. …
Marsh and McLennan Companies Inc.
1 July 2017
… of the Group’s respective regular business activities. Pre-GDPR Yes … Marsh and McLennan Companies Inc. …
Icelandic SA: the municipality of Reykjavík fined 5.000.000 ISK for the use of the Seesaw educational system
16 May 2022
News
… safeguards (Article 46). Decision: infringement of the GDPR, order to suspend processing and erasure of personal … of Reykjavík had breached various provisions of the GDPR using Seesaw. Following that decision, the Icelandic SA … safeguards (Article 46). Decision: infringement of the GDPR, order to suspend processing and erasure of personal …
EDPB adopts template complaint form and a final version of Recommendations on the application for approval and on the elements and principles to be found in Controller BCRs
21 June 2023
News
… BCR applications since the entering into application of the GDPR. The recommendations provide additional guidance and … essentially equivalent to the one provided by the GDPR. A second set of recommendations for BCR-processors … BCR applications since the entering into application of the GDPR. The recommendations provide additional guidance and …
Hungarian SA’s procedure on the handling of unsubscribe from newsletter
12 December 2023
News
… procedure was launched in accordance with Article 56 (1) of GDPR with a view to identifying the lead supervisory … submitted an erasure request according to Chapter III of GDPR, the competence of the HU SA could not be established … procedure was launched in accordance with Article 56 (1) of GDPR with a view to identifying the lead supervisory …
Polish DPA fines non-public nursery and pre-school: Lack of cooperation with the supervisory authority
20 July 2020
News
… a data breach to the data subject in accordance with the GDPR (Article 58(1)(e) of the GDPR). The controller notified to the President of the UODO … a data breach to the data subject in accordance with the GDPR (Article 58(1)(e) of the GDPR). The controller …
Polish SA: administrative fine of EUR 15 556 for University Children’s Clinical Hospital in Białystok for failing to implement appropriate technical and organisational measures
25 September 2025
News
… infringement of Articles 24(1), 25(1) and 32(1,2) of the GDPR. In addition, the President of the Personal Data … the processing operations into line with the provisions of GDPR by: implementing appropriate technical and … infringement of Articles 24(1), 25(1) and 32(1,2) of the GDPR. In addition, the President of the Personal Data …
Data Protection Code of Conduct for Cloud Infrastructure Service Providers
3 June 2021
Decision by the SA
… France Type Code for Controllers/Processors subject to GDPR Scope Transnational Opinion/Guideline References … 2021_cispe_cloud_iaas_data_protection_code_of_conduct_-_gdpr_compliance.pdf 1.4MB Preuzimanje file 1 …
Processing of personal data related to Danish research projects
3 October 2022
News
… 32) Decision: in accordance with the GDPR Key words: sensitive data, health records, research … 32) Decision: in accordance with the GDPR Key words: sensitive data, health records, research …
Norwegian Supervisory Authority with final decision to fine NAV
21 June 2022
News
… of personal data (Art. 5) Decision: Infringement of the GDPR and fine imposed Key words: Employment, unauthorised … of personal data (Art. 5) Decision: Infringement of the GDPR and fine imposed Key words: Employment, unauthorised …
Norwegian Supervisory Authority issues fine to the Norwegian parliament
4 March 2022
News
… of personal data (Art. 5) Decision: Infringement of the GDPR and fine imposed Key words: Information Security, … of personal data (Art. 5) Decision: Infringement of the GDPR and fine imposed Key words: Information Security, …
Nokia
14 April 2025
… the Nokia Group SA Decision 167KB English Preuzimanje Pre-GDPR No … Nokia …
AVATURE Group
24 July 2024
… Group ES SA decision 281.7KB English Preuzimanje Pre-GDPR No … AVATURE Group …
Polish DPA: A data breach must be notified to the supervisory authority
11 January 2021
News
… not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative … DPA reminds that pursuant to Article 33 (1) and (3) of the GDPR, in the case of a personal data breach, the controller … not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative …
State Commissioner for Data Protection in Lower Saxony imposes € 10.4 million fine against notebooksbilliger.de
26 January 2021
News
… Lower Saxony under the General Data Protection Regulation (GDPR). The GDPR enables supervisory authorities to impose fines of up … Lower Saxony under the General Data Protection Regulation (GDPR). The GDPR enables supervisory authorities to impose …
Fine imposed for preventing the Supervisory Authority from performing an inspection
3 April 2020
News
… the company infringed the provisions of Article 31 of the GDPR with regard to Article 58(1)(e) and (f) of the GDPR referring to cooperation with the supervisory authority … the company infringed the provisions of Article 31 of the GDPR with regard to Article 58(1)(e) and (f) of the GDPR …
The Norwegian SA issues fine and order company to establish procedures after unlawful credit rating
17 December 2021
News
… Legal basis (Article 6) Decision: Infringement of the GDPR, Order to establish procedures Key words: Credit Rating … Legal basis (Article 6) Decision: Infringement of the GDPR, Order to establish procedures Key words: Credit Rating …
EDPBI:BE:OSS:D:2019:6
29 January 2019
… complaint, despite the obligation provided in Article 12.3 GDPR, according to which the controller shall inform the …