20 July 2022
… case Controller: Clearview AI Inc. Legal Reference: GDPR: Article 3: Territorial scope. Article 5(1)(a) and (2): … not established in the Union. Decision: Infringement of the GDPR, Administrative fine. Key words: Web scraping, Images … 9 GDPR) and its obligations under Articles 12, 14, 15 and 27 of the GDPR. Decision: The Hellenic DPA imposed a fine …
3 February 2022
… 2022 Greece Background information Date of final decision: 27 January 2022 Cross-border case or national case: … Regulation (EU) 611/2013 Decision: Infringement of the GDPR, Fines imposed Key words: GDPR, Data breach, Security, Data protection impact … Regulation (EU) 611/2013 Decision: Infringement of the GDPR, Fines imposed Key words: GDPR, Data breach, Security, …
15 July 2025
… 2025 Italy Background information Date of final decision: 27 March 2025 National case Controller: Istituto di … Findings The Italian SA recalled that, according to the GDPR and the Italian Data Protection Code, the use of … Findings The Italian SA recalled that, according to the GDPR and the Italian Data Protection Code, the use of …
27 September 2021
… megfelelőségi határozattervezetről szóló véleményt 27 September 2021 EDPB Brüsszel, szeptember 27. - az Európai Adatvédelmi Testület (EDPB) véleményt … Az EDPB az általános adatvédelmi rendelet (GDPR) általános szempontjaira és a hatóságok által az … Az EDPB az általános adatvédelmi rendelet (GDPR) általános szempontjaira és a hatóságok által az …
27 June 2022
… The CNPD adopts the certification mechanism GDPR-CARPA 27 June 2022 Luxembourg Luxembourg becomes the first country … to introduce a certification mechanism according to the GDPR criteria. The National Data Protection Commission … to introduce a certification mechanism according to the GDPR criteria. The National Data Protection Commission …
23 January 2024
… 2024 France Background information Date of final decision: 27 December 2023 Cross-border case or national case: … Key Findings The French SA found several breaches of the GDPR regarding: Warehouse stock and order management: … with the principle of data minimisation (Article 5.1.c GDPR). Failure to ensure lawful processing (Article 6 GDPR) …
3 December 2024
… Guidelines 02/2024 on Article 48 GDPR Guidelines 02/2024 on Article 48 GDPR Start Date: 03 December 2024 End Date: 27 January 2025 Public consultation reference: 02/2024 … Guidelines 02/2024 on Article 48 GDPR …
27 September 2019
… of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision Type SA Netherlands 27 September 2019 Data Protection Impact Assessment (DPIA) … of a data protection impact assessment (Article 35.4 GDPR) … 1 State Current 2019 No 6441827 November 2019 Decision concerning list of types of …
… The national Data Protection Authorities ('DPAs') of the 27 EU Member States participate in the activities of the CSC … Data subjects may exercise their rights under the GDPR by contacting directly the competent national … in accordance with Article 42 (2) of Regulation (EU) 2018/1727 . The national Data Protection Authorities ('DPAs') of …
… of the General Data Protection Regulation (hereinafter: GDPR) 1 . The aim of the coordinated enforcement action is … data protection officers are in accordance with Art. 37-39 GDPR and they have the resources needed to carry out their … 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with …
27 August 2019
… Decision nr 42 EDPBI:LI:OSS:D:2019:42 27 August 2019 LSA LI CSA DE/NI Main legal reference Article … Summary of the Final Decision Vaduz August 27, 2019 Ref: 103.1.2/2019-283 IMI Case A60FD 75031 Decision … Liechtenstein finds 1. That has contravened Art. 15 GDPR. Points 2, 4 and 5 of the information provided do not …
12 May 2022
… on the calculation of administrative fines under the GDPR Guidelines 04/2022 on the calculation of administrative fines under the GDPR Start Date: 16 May 2022 End Date: 27 June 2022 Public consultation reference: 04/2022 … on the calculation of administrative fines under the GDPR …
28 October 2019
… 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with … the provisions of Article 5 paragraph (1) letter f) of the GDPR. Legal and Communication Department To read the press … the provisions of Article 5 paragraph (1) letter f) of the GDPR. Legal and Communication Department To read the press …
20 May 2025
… Slovenia Background information Date of final decision: 27 February 2025 National case Controller: High school Legal … by design and by default, as mandated by Article 25 of the GDPR. The inspection procedure revealed a lack of proper … by design and by default, as mandated by Article 25 of the GDPR. The inspection procedure revealed a lack of proper …
5 May 2022
… of processing (Art. 32) Decision: Infringement of the GDPR and fine imposed Key words: special categories of … categories of personal data, see Article 9 (1) of the GDPR. The municipality neglected to mark the 10 attachments … had been made public on the municipality’s website on 27 September 2021, by a reporter from Romerikes Blad . The …
18 December 2020
… Guidelines 10/2020 on restrictions under Article 23 GDPR Guidelines 10/2020 on restrictions under Article 23 GDPR Start Date: 18 December 2020 End Date: 12 February 2021 … 10/2020 Guidelines 10/2020 on restrictions under Article 23 GDPR 198.2KB English Download Publication Type: Guidelines …
17 June 2025
… 2025 Finland Background information Date of final decision: 27 May 2025 National case Legal Reference (s): Article 5 … was found to have infringed Articles 32 and 5.1.f of the GDPR. An administrative fine was imposed on Yliopiston … was found to have infringed Articles 32 and 5.1.f of the GDPR. An administrative fine was imposed on Yliopiston …
27 January 2020
… Decision nr 82 EDPBI:DEBW:OSS:D:2020:82 27 January 2020 LSA DE/BW CSA ALL SAs Main legal reference … information on our privacy notice pursuant to Article 13 GDPR, please consult our webpage at the following address: … the data breach as required in Article 33(1) and (3) GDPR. Also, the concerned data subjects have been informed …
7 September 2022
… Belgium Background information Date of final decision: 27 July 2022 Cross-border case or national case: National … Minimisation (Article 5.1.c) Decision: Infringement of the GDPR; Reprimand; Order to bring the processing operations into compliance with the GDPR Key words: Lawfulness; Purpose limitation; Data …
8 February 2022
… for claims handling. This practice has violated the GDPR. The Data Protection Ombudsman notes that the Traffic … for the collection of unnecessary patient information (27 January 2022) Decision of the Data Protection Ombudsman … for claims handling. This practice has violated the GDPR. The Data Protection Ombudsman notes that the Traffic …