29 March 2022
… reference Article 32 (Security of processing) Keywords Data security Personal data breach Outcome Reprimand Decision 79.9KB Download … Decision …
2 September 2024
… and modalities for the exercise of the rights of the data subject), Article 15 (Right to access by the data subject) Decision: Administrative fine Key words: … the modalities of the right to access, the defendant has breached the articles 12.2, 12.3 et 15 GDPR because of the …
2 May 2025
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 13 (Information to be provided where … to the President of the Personal Data Protection Office a breach involving the loss or theft of memory cards from the …
… taken by, and involving, different SAs relating to specific data subject rights. The projects are conducted by external … One-Stop-Shop case digest on Security of Processing and Data Breach Notification 18 January 2024 Publication Type: …
13 May 2021
… 1, letters a) and c) (lawfulness, fairness, transparency; data minimisation); Article 6 (Lawful processing); Article 9 (Processing of special category data); Article 13 (Information); Article 35 (DPIA); Article … nature of the information that had been processed in breach of the law. Additionally, the municipality was …
5 May 2022
… and fine imposed Key words: special categories of personal data, unauthorised access Summary of the Decision Origin … of 21 attachments contained special categories of personal data, see Article 9 (1) of the GDPR. The municipality … Authority also received notice of a personal data breach from Lillestrøm Municipal Council on 29 September. …
12 February 2019
… Administrative Arrangement for the transfer of personal data between European Economic Area (“EEA”) Financial … 8 adopted 3 The European Data Protection Board Having regard to Article 63, Article … such as “personal data”, “processing”, “personal data breach”, “right of access”, “right of erasure” which are in …
28 October 2021
… Reference: GDPR: Article 5 (Principles applying to personal data processing); Article 6 (Lawfulness of processing); … service; inbound calls management; trade union agreements; data minimization Summary of the … found that the company had processed its employees’ data in breach of sector-specific national law and the general …
18 December 2018
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision … the processing is of such a nature that a personal data breach could jeopardise the [physical] health or safety of …
29 April 2021
… Article 5 (Principles relating to processing of personal data) Keywords Personal data breach Data security Children Education Outcome …
11 October 2018
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision … challenges freedom of movement), or any data whose breach can substantially affect the data subject’s daily …
21 February 2025
… reference Article 32 (Security of processing) Keywords Data security Personal data breach Outcome Dismissal/Rejection of the case …
26 July 2019
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision … used only in case of the need for analysis of incidents of breach of law. The means of public transport, the cities …
18 December 2019
… 18 December 2019 Germany The Federal Commissioner for Data Protection and Freedom of Information (BfDI) imposed a … another case, the BfDI imposed a fine of EUR 10. 000 on Rapidata GmbH. Concerning this matter, the Federal Commissioner … The BfDI considers this authentication procedure to be in breach of Article 32 of the GDPR which obliges the company …
28 January 2020
… Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility … reference: 1/2020 Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility … connected vehicles are critical systems where a security breach may endanger the life of its users and Adopted - …
15 June 2021
… for inadequate testing 15 June 2021 Norway The Norwegian Data Protection Authority has fined the Norwegian … GDPR violation. The backdrop for this case is that personal data about 3.2 million Norwegians was available online for … Data Protection Authority also found the incident to be in breach of the principles of legality, data minimisation and …
16 May 2024
… Article 5 (Principles relating to processing of personal data) Keywords Retention time Personal data breach Outcome Dismissal/Rejection of the case No …
4 November 2021
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Keywords Personal data breach Data security Fraud Third party access to personal …
16 May 2022
… Controller: The municipality of Reykjavík. Legal Reference: data protection principles (Article 5), lawfulness of processing (Article 6), transparency (Article 13), data protection by design and default (Article 25), joint … SA concluded that the municipality of Reykjavík had breached various provisions of the GDPR using Seesaw. …
24 November 2020
… the City of Stockholm 24 November 2020 Sweden The Swedish Data Protection Authority has reviewed the so-called School … Board of Education in the City of Stockholm. The Swedish Data Protection Authority has received a number of personal data breach notifications from the City of Stockholm's Board of …