26 July 2024
… the company to applicants (infringements of Article 5(1)(a) GDPR (principles of fairness and transparency, Article 12(1) and (4) GDPR); processing in the context of a company’s ‘shadow … (infringements of lawfulness principle, Article 5(1)(a) GDPR and Article 6(1) GDPR); improper implementation of the …
16 March 2020
… Board (EDPB), said: “Data protection rules (such as GDPR) do not hinder measures taken in the fight against the … to guarantee the lawful processing of personal data.” The GDPR is a broad legislation and also provides for the rules … a context such as the one relating to COVID-19. Indeed, the GDPR provides for the legal grounds to enable the employers …
22 January 2024
… order to verify the compliance with the provisions of the GDPR, and more precisely concerning the legal basis of the … that the data controller violated article 13.1.e) of the GDPR (no information about the recipients of the personal … the CNPD identified a violation of article 24.1 of the GDPR (responsibility of the data controller), as personal …
20 August 2020
… the e-Privacy Directive forms lex specialis vis-à-vis the GDPR (as lex generalis), as stated in article 95 GDPR, the provisions with regard to consent of the GDPR remain applicable as preconditions for lawful … the e-Privacy Directive forms lex specialis vis-à-vis the GDPR (as lex generalis), as stated in article 95 GDPR, the …
… és eszközeink Az EDPB az általános adatvédelmi rendelet (GDPR) következetes értelmezésének és alkalmazásának … Az EDPB az általános adatvédelmi rendelet (GDPR) következetes értelmezésének és alkalmazásának …
2 February 2024
… request, hence the Company breached Article 12(3) of GDPR when they failed to meet the Complainant’s erasure … right to erasure according to Article 17(1)(b) of GDPR. The Company also failed to meet the requirements of … database, so the Company breached Article 25(1) of GDPR. Decision The Authority established that the Company …
6 September 2023
… not complied with data protection principles in Article 5 GDPR and not informed the data subjects about processing in accordance with Article 12 and 13 GDPR. Key Findings Failure to comply with the obligation … fairly and in a transparent manner (Article 5(1)(a) GDPR) Failure to inform the data subjects about processing …
22 February 2023
… by national DPAs via binding decisions under Art. 65 GDPR and to advise the EU legislator on data protection … further guidance and develop awareness-raising tools on the GDPR for a wider audience. Furthermore, the EDPB intends to … such as on the interplay between the AI Act and the GDPR and on the use of social media by public bodies. …
26 September 2018
… an important tool for the consistent application of the GDPR across the EU. DPIA is a process to help identify and … the types of processing which could require a DPIA, the GDPR calls for the national supervisory authorities to … and challenges of consistency in practice. The GDPR does not require full harmonisation or an 'EU list', …
13 October 2021
… Controller: Ferde AS Legal Reference: Processor (ARTICLE 28 GDPR), Security of Processing (ARTICLE 32 GDPR), General principle for transfers (ARTICLE 44 GDPR) Decision: infringement declared and fine imposed Key … Controller: Ferde AS Legal Reference: Processor (ARTICLE 28 GDPR), Security of Processing (ARTICLE 32 GDPR), General …
8 September 2021
… Legal Reference: Data retention period (Article 5.1.e GDPR), Information (Articles 13 & 14 GDPR) Decision: Fine … had failed to comply with articles 5-1-e, 13 and 14 of the GDPR. Decision Breach of Article 5-1-e of the GDPR The … Legal Reference: Data retention period (Article 5.1.e GDPR), Information (Articles 13 & 14 GDPR) Decision: …
25 November 2020
… decision to specify certain viewpoints, the primacy of the GDPR as EU law resulted in the decision that a priori analysed potential breaches of the GDPR. Decision of the Litigation Chamber The litigation … were not processed in a lawful way under article 6.1.f. GDPR, as there were legitimate interests for the defendants …
7 December 2023
… request, hence the Company breached Article 12(3) GDPR when they failed to meet the Complainant’s erasure … right to erasure according to Article 17(1)(b) GDPR. The Company also failed to meet the requirements of … newsletter database, so the Company breached Article 25(1) GDPR. Decision The Hungarian Supervisory Authority …
… analyse decisions related to different Articles of the GDPR and include examples of final One-Stop-Shop (OSS) … Supervisory Authorities (SAs) work together to enforce the GDPR. They offer an opportunity to read final decisions … Publication Type: Support Pool of Experts projects Topics: GDPR enforcement Cooperation between authorities English …
30 June 2022
… (Articles 44 and 46). Decision: infringement of the GDPR; order to comply; order to suspend data flows to U.S.; … data transfers despite their being in violation of the GDPR. Key Findings: The Italian SA found that Caffeina … be transferred to the U.S. in violation of Chapter V of the GDPR, since the measures adopted by Google to supplement the …
26 January 2023
… of legality, fairness and transparency (Art. 5(1)(a) of GDPR), consent of the data subject (Art. 7(2) of GDPR), direct marketing (Art. 81(1) of ECL) Decision: The … was upheld, infringements of Art. 5(1)(a) and Art. 7(2) of GDPR and Art. 81(1) ECL Summary of the Decision Origin …
22 May 2023
… Authority (IE DPA). This fine, which is the largest GDPR fine ever, was imposed for Meta’s transfers of personal … to bring its data transfers into compliance with the GDPR. Andrea Jelinek, EDPB Chair, said: “The EDPB found that … bring processing operations into compliance with Chapter V GDPR, by ceasing the unlawful processing, including storage, …
6 December 2022
… three dispute resolution decisions on the basis of Art. 65 GDPR concerning Meta Platforms Ireland Limited (Meta IE). … in ensuring the correct and consistent application of the GDPR by the national Supervisory Authorities. The Irish SA … among others, the legal basis for processing (Art. 6 GDPR), data protection principles (Art. 5 GDPR), and the use …
19 February 2021
… that CAIXABANK had violated Articles 13 and 14 of the GDPR. Following Article 83 (5) b of the GDPR, a fine of 2.000.000 EUR was imposed. When deciding on … that this constituted a breach of Article 6 of the GDPR, and according to Article 83 (5) a of the GDPR, an …
24 April 2020
… into the possibility of relying on a derogation of Art. 49 GDPR to enable international flows. The EDPB tackled this … research. In its letter, the EDPB reiterates that the GDPR allows for collaboration between EEA and non-EEA … decisions or appropriate safeguards (included in Article 46 GDPR) should be favoured, according to the EDPB. However, …