2 February 2024
… 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 15 (Right to access by the data subject) … Right of access, Lawfulness of processing, Personal data breach, Right of access Summary of the Decision Origin …
22 June 2021
… DPA: BRAbank ASA fined 22 June 2021 Norway The Norwegian Data Protection Authority has fined BRAbank EUR 40,000 (NOK 400,000) for violation of the General Data Protection Regulation (GDPR). This case concerns … This matter began with a notice of a personal data breach on 6 September 2019 from what was then Easybank ASA. …
22 June 2022
… Legal Reference: Notification of a personal data breach to the supervisory authority (Art. 33), Security of … people on their membership profiles, which is a personal data breach. Trumf has an obligation to report all such …
26 March 2019
… First fine imposed by the President of the Personal Data Protection Office 26 March 2019 Poland The President of the Personal Data Protection Office (UODO) imposed its first fine for the … of the Personal Data Protection Office considered the breach to be serious, since it concerns the fundamental …
7 December 2023
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 15 (Right to access by the data subject) … Right of access, Lawfulness of processing, Personal data breach, Right of access Summary of the Decision Origin …
15 January 2024
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 13 (Information to be provided where personal data are collected from the data subject) Decision: … facility is rented out for events or other gatherings, in breach of Article 6. Furthermore, the Icelandic SA …
18 December 2019
… The Norwegian Data Protection Authority imposes a fine on the City of Oslo … of Oslo, the Nursing Home Agency, for having stored patient data from the city’s nursing homes and health centres … The case commenced when the City of Oslo sent a data breach notification to the Data Protection Authority in …
8 September 2021
… national case Controller: AG2R LA MONDIALE Legal Reference: Data retention period (Article 5.1.e GDPR), Information … Key words: Insurances, data retention, information Summary of the Decision Origin … comply with articles 5-1-e, 13 and 14 of the GDPR. Decision Breach of Article 5-1-e of the GDPR The company had not …
7 September 2022
… unlawfully collecting a disproportionate amount of personal data 7 September 2022 Belgium Background information Date … Lawfulness (Article 6), Purpose limitation (Article 5.1.b), Data Minimisation (Article 5.1.c) Decision: Infringement of … prior to the mandatory data collection, and had therefore breached the principles of lawfulness, purpose limitation …
4 May 2021
… green pass and it is affected additionally by several data protection shortcomings including the lack of any … Contrary to the requirements laid down in the EU General Data Protection Regulation, the decree does not specify the … of the controller of the processing at issue, which is in breach of the transparency principle and hampers or …
16 June 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
20 November 2019
… Guidelines 4/2019 on Article 25 Data Protection by Design and by Default Guidelines 4/2019 on Article 25 Data Protection by Design and by Default Start Date: 20 … The security of personal data shall both prevent data breach incidents as well as facilitate the proper execution …
18 February 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
26 October 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
24 January 2024
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
29 June 2021
… ice cream parlours for processing employee‘s personal data via video surveillance camera installed in an employee … ice cream parlours for processing employee‘s personal data via video surveillance camera installed in an employee … amount of the fine was that the company was found to be in breach of numerous provisions of the Icelandic Act No. …
28 October 2021
… Decision Origin of the case Image files containing health data about people with no connection to the municipality … to staff at the health clinic. Key Findings The Norwegian Data Protection Authority noted that the municipality did … internal deficiencies in its access management. This is a breach of the requirements regarding personal data security …
16 November 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
9 September 2022
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Notification of …
29 September 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …