4 November 2024
… failed to demonstrate compliance with Article 6 of the GDPR in accordance with the accountability principle. … decided that there is no legal basis under Article 6 of the GDPR for the broadcast of the CCTV footage of employees … of the national Data Protection Act and Article 13 of the GDPR since the company also failed to inform data subjects …
6 December 2024
… on the controller for unlawful processing (Art. 5 and 6.1 GDPR). The controller was reprimanded for the shortcomings … and was ordered to correct its unlawful practices (Art. 13 GDPR). In addition, the DPA instructed the controller to … so that only necessary personal data is processed (Art. 25 GDPR). For further information: National press release: …
2 June 2021
… EDPB. In 2020, the EDPB issued 32 Opinions under Art. 64 GDPR. Most of these Opinions concern draft accreditation … first dispute resolution decision on the basis of Art. 65 GDPR. The binding decision addressed the dispute that arose … reasoned objections expressed by a few Concerned SAs. The GDPR requires the EEA SAs to cooperate closely to ensure the …
12 January 2022
… consultation) Opinion 39/2021 on whether Article 58(2)(g) GDPR could serve as a legal basis for a supervisory … consultation) Opinion 39/2021 on whether Article 58(2)(g) GDPR could serve as a legal basis for a supervisory …
14 March 2018
… their rights and obligations. We are also empowered by the GDPR to make binding decisions towards national supervisory … their rights and obligations. We are also empowered by the GDPR to make binding decisions towards national supervisory …
28 January 2025
… és bejelentkezéssel digitális nyomot hagy maga után. A GDPR biztosítja, hogy adatait csak az Ön által elfogadott … és bejelentkezéssel digitális nyomot hagy maga után. A GDPR biztosítja, hogy adatait csak az Ön által elfogadott …
3 February 2022
… Regulation (EU) 611/2013 Decision: Infringement of the GDPR, Fines imposed Key words: GDPR, Data breach, Security, Data protection impact … ΟΤΕ S.A. was found to have infringed Article 32 of the GDPR due to inadequate security measures taken in relation …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) The passwords of the affected accounts have been … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The controller has notified all data subjects and … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) No particular measures beyond the standard IT security …
25 May 2018
… all the tasks it is required to carry out under the GDPR. The EDPB Secretariat is composed of legal experts, … all the tasks it is required to carry out under the GDPR. The EDPB Secretariat is composed of legal experts, …
4 October 2022
… Data Protection Act), Article 5.1(c) and 6.1(f) of the GDPR Decision: Order to comply Key words: GPS tracking … processing the personal data pursuant to Article 6 of the GDPR. Decision The Slovenian SA was assessing whether … was lawful in accordance to Article 6.1 (f) of the GDPR – legitimate interests. Slovenian SA confirmed that …
26 August 2024
… as a company in Belgium. Based on Article 60.8 of GDPR, the decision to reject the complaint was made by the … of Articles 12.1, 12.2, 12.3, 12.4, 17, 24 and 25.1 GDPR as stated by the complainant, as it was shown by the … data erasure. The Belgian SA found violations of the GDPR outside the scope of the complaint, which will be …
10 June 2022
… Insurance Against Occupational Accidents. Legal Reference: GDPR: Art. 5.1, letters a) and f) (lawfulness, fairness and … personal data). Decision: finding of infringements of the GDPR (imposition of administrative fine); finding of data … users’) personal data including health data (Art. 4.10 GDPR), which amounted to the unauthorised disclosure of …
27 June 2023
… lawful ground for all processing operations (Article 6 (1) GDPR) Failure to comply with the obligation to process … fairly and in a transparent manner (Article 5(1)(a) GDPR) Decision No provision that clearly stipulates the … data unlawfully and against Articles 5(1)(a) and 6(1) GDPR, as the company could not rely on any legal basis. …
20 November 2024
… and processing by COSMOSPACE (Article 5.1.c of the GDPR) Failure to comply with the obligation to retain data … limited to the intended purpose (Article 5.1.e of the GDPR) Failure to comply with the obligation to obtain prior … special categories of personal data (Article 9 of the GDPR) Failure to comply with the obligation to obtain …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) Both the document and the entry were deleted. … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The data subjects concerned were informed in writing … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) This was not a technical error. 6. Subsequent measures …
… According to the General Data Protection Regulation (GDPR), public authorities and certain businesses are obliged … DPOs have the role and position required by Articles 37-39 GDPR and the resources needed to carry out their tasks. The … According to the General Data Protection Regulation (GDPR), public authorities and certain businesses are obliged …
28 November 2024
… took place, but in his opinion there was no breach of the GDPR provisions. However, the proceeding conducted by the … the DPA revealed a breach of a number of provisions of the GDPR, including those relating to personal data security. … € for infringement of Articles 24, 25, 32, 33 and 34 of the GDPR. In the decision, the President of the Personal Data …
17 October 2023
… In its decision, IMY states that H&M has violated the GDPR by not ceasing to handle the complainants' personal … 28 500 EUR) against the company for violations of the GDPR. For further information: H&M har gjort det onödigt … In its decision, IMY states that H&M has violated the GDPR by not ceasing to handle the complainants' personal …
22 July 2021
… Urgent Binding Decision on the request under Article 66(2) GDPR from the Hamburg Supervisory Authority for ordering the … Urgent Binding Decision on the request under Article 66(2) GDPR from the Hamburg Supervisory Authority for ordering the …
1 February 2021
… and fathers-to-be in Belgium, for various breaches of the GDPR. Family Service is a marketing company that … of 50,000 euro, and ordered the company to comply with the GDPR. Given the size of the company, this is a considerable … model of Family Service is clearly not compliant with the GDPR. To read the decision (in Dutch) click here . For …