Search results | European Data Protection Board

Merck & Co., Inc. (MSD)
1 July 2016
… of the Group’s respective regular business activities. Pre-GDPR Yes … Merck & Co., Inc. (MSD) …
Fiserv, Inc. (First Data Corporation)
1 July 2011
… of the Group’s respective regular business activities Pre-GDPR Yes … Fiserv, Inc. (First Data Corporation) …
Fiserv, Inc. (First Data Corporation)
1 July 2011
… of the Group’s respective regular business activities Pre-GDPR Yes … Fiserv, Inc. (First Data Corporation) …
ABN AMRO Group N.V.
1 July 2012
… of the Group’s respective regular business activities Pre-GDPR Yes … ABN AMRO Group N.V. …
ARDIAN(previously known as AXA PRIVATE EQUITY)
1 July 2013
… of the Group’s respective regular business activities. Pre-GDPR Yes … ARDIAN(previously known as AXA PRIVATE EQUITY) …
Marsh and McLennan Companies Inc.
1 July 2017
… of the Group’s respective regular business activities. Pre-GDPR Yes … Marsh and McLennan Companies Inc. …
Marsh and McLennan Companies Inc.
1 July 2017
… of the Group’s respective regular business activities. Pre-GDPR Yes … Marsh and McLennan Companies Inc. …
October plenary - adopted documents
21 October 2022
News
… as European Data Protection Seal pursuant to Article 42.5 (GDPR) 10 October 2022 Publication Type: Opinion of the Board … 9/2022 on personal data breach notification under GDPR 10 October 2022 Publication Type: Guidelines Topics: …
EDPBI:UK:OSS:D:2019:33
3 August 2019
… that the controller complied with its obligations under the GDPR. … Decision nr 33 …
Icelandic SA: the municipality of Reykjavík fined 5.000.000 ISK for the use of the Seesaw educational system
16 May 2022
News
… safeguards (Article 46). Decision: infringement of the GDPR, order to suspend processing and erasure of personal … of Reykjavík had breached various provisions of the GDPR using Seesaw. Following that decision, the Icelandic SA … safeguards (Article 46). Decision: infringement of the GDPR, order to suspend processing and erasure of personal …
Polish SA: administrative fine of EUR 15 556 for University Children’s Clinical Hospital in Białystok for failing to implement appropriate technical and organisational measures
25 September 2025
News
… infringement of Articles 24(1), 25(1) and 32(1,2) of the GDPR. In addition, the President of the Personal Data … the processing operations into line with the provisions of GDPR by: implementing appropriate technical and … infringement of Articles 24(1), 25(1) and 32(1,2) of the GDPR. In addition, the President of the Personal Data …
May Plenaries - adopted documents
31 May 2022
News
… on the calculation of administrative fines under the GDPR 12 May 2022 Publication Type: Guidelines Topics: … of the Second Payment Services Directive (PSD2) and GDPR 30 May 2022 Publication Type: Letters Topics: Financial …
The Norwegian SA issues fine and order company to establish procedures after unlawful credit rating
17 December 2021
News
… Legal basis (Article 6) Decision: Infringement of the GDPR, Order to establish procedures Key words: Credit Rating … Legal basis (Article 6) Decision: Infringement of the GDPR, Order to establish procedures Key words: Credit Rating …
Processing of personal data related to Danish research projects
3 October 2022
News
… 32) Decision: in accordance with the GDPR Key words: sensitive data, health records, research … 32) Decision: in accordance with the GDPR Key words: sensitive data, health records, research …
Norwegian Supervisory Authority issues fine to the Norwegian parliament
4 March 2022
News
… of personal data (Art. 5) Decision: Infringement of the GDPR and fine imposed Key words: Information Security, … of personal data (Art. 5) Decision: Infringement of the GDPR and fine imposed Key words: Information Security, …
Spanish Data Protection Authority (AEPD) imposes fine on company for not complying with advertisement exclusion
18 August 2020
News
… to processing for marketing purposes under Article 21 GDPR. However, the company did not comply with its … to processing for marketing purposes under Article 21 GDPR. However, the company did not comply with its …
Join the stakeholder event on EDPB opinion on ‘AI models’
11 October 2024
News
… on issues relating to the request for an Art. 64(2) GDPR opinion on artificial intelligence ("AI") submitted to … on issues relating to the request for an Art. 64(2) GDPR opinion on artificial intelligence ("AI") submitted to …
July Plenaries - adopted documents
2 August 2022
News
… Ireland Limited (Meta IE)). In accordance with Art. 65 (5) GDPR, the EDPB will publish its decision on its website … Ireland Limited (Meta IE)). In accordance with Art. 65 (5) GDPR, the EDPB will publish its decision on its website …
Polish DPA: A data breach must be notified to the supervisory authority
11 January 2021
News
… not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative … DPA reminds that pursuant to Article 33 (1) and (3) of the GDPR, in the case of a personal data breach, the controller … not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative …
State Commissioner for Data Protection in Lower Saxony imposes € 10.4 million fine against notebooksbilliger.de
26 January 2021
News
… Lower Saxony under the General Data Protection Regulation (GDPR). The GDPR enables supervisory authorities to impose fines of up … Lower Saxony under the General Data Protection Regulation (GDPR). The GDPR enables supervisory authorities to impose …