Search results | European Data Protection Board

Personal data breach at the Breiðholt Upper Secondary School – Administrative fine
10 March 2020
News
… violations of, inter alia, Art. 5(1)f and Art. 32 of the GDPR. When determining the fine, the SA referred to the … violations of, inter alia, Art. 5(1)f and Art. 32 of the GDPR. When determining the fine, the SA referred to the …
The Romanian National Supervisory Authority issues a fine against FAN COURIER EXPRESS SR
28 October 2019
News
… the provisions of Article 5 paragraph (1) letter f) of the GDPR. Legal and Communication Department To read the press … the provisions of Article 5 paragraph (1) letter f) of the GDPR. Legal and Communication Department To read the press …
CEF 2025: EDPB selects topic for next year’s Coordinated Action
10 October 2024
News
… the first semester of 2025. The right to erasure (Art.17 GDPR) is one of the most frequently exercised data … the first semester of 2025. The right to erasure (Art.17 GDPR) is one of the most frequently exercised data …
EDPB adopts guidelines on processing personal data through blockchains and is ready to cooperate with AI office on guidelines on AI Act and EU data protection law
14 April 2025
News
… organisations using these technologies to comply with the GDPR. In its guidelines, the EDPB explains how blockchains … organisations using these technologies to comply with the GDPR. In its guidelines, the EDPB explains how blockchains …
March Plenary - adopted documents
21 March 2022
News
… Guidelines 02/2022 on the application of Article 60 GDPR 14 March 2022 Publication Type: Guidelines Topics: …
Dutch SA fines Booking.com for delay in reporting data breach
10 December 2020
News
… authority, article 33 (1) Decision: Infringement of the GDPR, administrative fine Key words: Data breach, delayed … authority, article 33 (1) Decision: Infringement of the GDPR, administrative fine Key words: Data breach, delayed …
Polish SA imposed fine for failing to implement appropriate technical and organisational measures
31 May 2023
News
… characteristics of a data breach within the meaning of the GDPR. The Polish SA, taking into account the scope of … characteristics of a data breach within the meaning of the GDPR. The Polish SA, taking into account the scope of …
Finnish SA: Administrative fine on business directory operator for infringements of the right to obtain call recordings
6 July 2023
News
… method of delivering call recordings in accordance with the GDPR. Neither did the company inform the Finnish SA of … method of delivering call recordings in accordance with the GDPR. Neither did the company inform the Finnish SA of …
Icelandic SA: administrative fine imposed on the Primary Health Care of the Capital area for the unlawful processing in relation to the integration of medical record systems.
7 March 2025
News
… lawfulness of the processing (Articles 5.1 (a), 6.1 and 9.1 GDPR). Decision The Icelandic SA imposed a fine of 33 854 … lawfulness of the processing (Articles 5.1 (a), 6.1 and 9.1 GDPR). Decision The Icelandic SA imposed a fine of 33 854 …
Polish DPA imposes a fine on Warsaw University of Technology for not complying with its obligation
14 January 2022
News
… (Art. 32(1), Art. 32(2)) Decision: infringement of GDPR, fine issued Key words: principles, processing, … (Art. 32(1), Art. 32(2)) Decision: infringement of GDPR, fine issued Key words: principles, processing, …
Danish DPA set to fine furniture company
11 June 2019
News
… data in the old system had never been deleted. The GDPR establishes that personal data must be stored in such a … data in the old system had never been deleted. The GDPR establishes that personal data must be stored in such a …
Europski odbor za zaštitu podataka – 16. plenarna sjednica
4 December 2019
News
… u skladu s člankom 64. Opće uredbe o zaštiti podataka (GDPR) o uvjetima za akreditaciju tijela za praćenje kodeksa … u skladu s člankom 64. Opće uredbe o zaštiti podataka (GDPR) o uvjetima za akreditaciju tijela za praćenje kodeksa …
The role of DPOs at the heart of EU coordinated action for 2023
… they hold the position required by Articles 37 to 39 of the GDPR and whether they have the necessary resources to carry … they hold the position required by Articles 37 to 39 of the GDPR and whether they have the necessary resources to carry …
Polish DPA: The incident must be notified to the supervisory authority and the data subjects
30 June 2021
News
… therein in accordance with the requirements under the GDPR. The Polish DPA asked the Foundation to indicate … proceedings against the Foundation. Pursuant to the GDPR, in case of a personal data breach, the controller … therein in accordance with the requirements under the GDPR. The Polish DPA asked the Foundation to indicate …
Enforcement notice in the matter of Meta Platforms Ireland Limited made pursuant to Sections 133(9) and 133(10) of the Data Protection Act, 2018 and Articles 60 and 66 of the General Data Protection Regulation
7 December 2023
Urgent Binding decision of the Board (Art. 66)
… measures regarding Meta Platforms Ireland Ltd (Art. 66(2) GDPR) … Enforcement notice in the matter of Meta Platforms …
Vinted investigation signals closer and stronger cooperation between personal data protection supervisory authorities
2 June 2022
Press releases
… cooperation to investigate compliance of this website with GDPR. After the working group was formed, the Dutch … cooperation to investigate compliance of this website with GDPR. After the working group was formed, the Dutch …
Swedish SA: Administrative fine against bank for transferring customer data to Meta
2 September 2024
News
… bank has violated the general data protection regulation, GDPR, by not having taken appropriate technical and … bank has violated the general data protection regulation, GDPR, by not having taken appropriate technical and …
Norwegian Supervisory Authority: Mowi ASA reprimanded and ordered to update its procedures
26 April 2022
News
… Key Findings This case is an important reminder that the GDPR's requirement to provide information also applies when … Key Findings This case is an important reminder that the GDPR's requirement to provide information also applies when …
The Norwegian Supervisory Authority has fined the Norwegian Labour Inspection Authority
16 May 2022
News
… by the data subject (Art. 15) Decision: Infringement of the GDPR and fine imposed, Reprimand Key words: Credit rating … by the data subject (Art. 15) Decision: Infringement of the GDPR and fine imposed, Reprimand Key words: Credit rating …
Norwegian Supervisory Authority issues fine to Trumf
22 June 2022
News
… of Processing (Art. 32) Decision: Infringement of the GDPR and fine imposed Key words: unauthorised access, Lack … of Processing (Art. 32) Decision: Infringement of the GDPR and fine imposed Key words: unauthorised access, Lack …