18 February 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
18 December 2019
… The Norwegian Data Protection Authority imposes a fine on the City of Oslo … of Oslo, the Nursing Home Agency, for having stored patient data from the city’s nursing homes and health centres … The case commenced when the City of Oslo sent a data breach notification to the Data Protection Authority in …
8 September 2021
… national case Controller: AG2R LA MONDIALE Legal Reference: Data retention period (Article 5.1.e GDPR), Information … Key words: Insurances, data retention, information Summary of the Decision Origin … comply with articles 5-1-e, 13 and 14 of the GDPR. Decision Breach of Article 5-1-e of the GDPR The company had not …
16 November 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
7 December 2023
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 15 (Right to access by the data subject) … Right of access, Lawfulness of processing, Personal data breach, Right of access Summary of the Decision Origin …
7 September 2022
… unlawfully collecting a disproportionate amount of personal data 7 September 2022 Belgium Background information Date … Lawfulness (Article 6), Purpose limitation (Article 5.1.b), Data Minimisation (Article 5.1.c) Decision: Infringement of … prior to the mandatory data collection, and had therefore breached the principles of lawfulness, purpose limitation …
4 September 2025
… without free and informed consent (Article 82 of the French Data Protection Act) Decision: Infringement of the French … Electronic Communications Code, Infringement of the French Data Protection Act, Administrative fine and injunction Key … this context was therefore not valid, which constituted a breach of the French Data Protection Act (Article 82). …
13 February 2026
… in addition to the already announced templates for data breach notifications and data protection impact assessment . This is also in line … in addition to the already announced templates for data breach notifications and data protection impact assessment . …
9 September 2022
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Notification of …
15 January 2024
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 13 (Information to be provided where personal data are collected from the data subject) Decision: … facility is rented out for events or other gatherings, in breach of Article 6. Furthermore, the Icelandic SA …
14 January 2021
… Zajedničko mišljenje 2/2021 Europskog odbora za zaštitu podataka i Europskog nadzornika za zaštitu podataka o Provedbenoj odluci Europske komisije o standardnim ugovornim klauzulama za prijenos osobnih podataka u treće zemlje 14 January 2021 EDPB/EDPS Joint …
29 September 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
4 May 2021
… green pass and it is affected additionally by several data protection shortcomings including the lack of any … Contrary to the requirements laid down in the EU General Data Protection Regulation, the decree does not specify the … of the controller of the processing at issue, which is in breach of the transparency principle and hampers or …
9 December 2020
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Notification of personal data breach Outcome …
1 March 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
13 March 2022
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
6 January 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
18 July 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Notification of personal …
29 June 2021
… ice cream parlours for processing employee‘s personal data via video surveillance camera installed in an employee … ice cream parlours for processing employee‘s personal data via video surveillance camera installed in an employee … amount of the fine was that the company was found to be in breach of numerous provisions of the Icelandic Act No. …
29 November 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …