Search results | European Data Protection Board

Code of Conduct concerning the Protection of Personal Data Processed in Small Medical Facilities
14 December 2022
Decision by the SA
… Poland Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body RS Jamano Ltd Pursuant …
Code of Conduct for the processing of personal data by private research agencies
24 November 2025
Decision by the SA
… Poland Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body Omni Modo sp. z o.o. …
Decision in the matter of Meta Platforms Ireland Limited and the "Instagram" social media network made pursuant to Section 111 of the Data Protection Act 2018
15 September 2022
Binding decision of the Board (Art. 65)
… Ireland Limited (Instagram) under Article 65(1)(a) GDPR …
CoC regulating the sector of telemarketing and tele-selling
7 March 2024
Other
… Italy Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body (website under …
The Romanian National Supervisory Authority issues a fine against FAN COURIER EXPRESS SR
28 October 2019
News
… the provisions of Article 5 paragraph (1) letter f) of the GDPR. Legal and Communication Department To read the press … the provisions of Article 5 paragraph (1) letter f) of the GDPR. Legal and Communication Department To read the press …
General Court: WhatsApp annulment action inadmissible
7 December 2022
News
… a draft decision of the Irish DPA concerning WhatsApp IE’s GDPR transparency obligations to both users and non-users of … a draft decision of the Irish DPA concerning WhatsApp IE’s GDPR transparency obligations to both users and non-users of …
Italian DPA imposes limitation on processing on TikTok after the death of a Girl from Palermo
26 January 2021
News
… with certainty. The SA decided to take urgent measures (GDPR, art. 58, comma 2, lett. f) and art. 66, comma 1) … with certainty. The SA decided to take urgent measures (GDPR, art. 58, comma 2, lett. f) and art. 66, comma 1) …
Personal data breach at the Breiðholt Upper Secondary School – Administrative fine
10 March 2020
News
… violations of, inter alia, Art. 5(1)f and Art. 32 of the GDPR. When determining the fine, the SA referred to the … violations of, inter alia, Art. 5(1)f and Art. 32 of the GDPR. When determining the fine, the SA referred to the …
Polish SA: administrative fine of 210 € for failure to notify personal data breach to supervisory authority
28 November 2024
News
… Office then explained the procedure resulting from the GDPR. In the case of such an incident, the risk to which the … a fine of 210 € for infringement of Article 33 of the GDPR. For further information: Decision in national … Office then explained the procedure resulting from the GDPR. In the case of such an incident, the risk to which the …
Polish DPA fines Warsaw University of Life Sciences (SGGW)
11 September 2020
News
… of confidentiality and accountability specified in the GDPR. It is worth noting that the personal data of … of the principle of storage limitation provided for in the GDPR. Moreover, in the course of the conducted proceedings … of confidentiality and accountability specified in the GDPR. It is worth noting that the personal data of …
Az Európai Adatvédelmi Testület egyértelműsíti a tudományos kutatáshoz szükséges adatkezelést, felgyorsítja az anonimizálási iránymutatások véglegesítését, és jóváhagyja az első európai adatvédelmi bélyegzőt mint adattovábbítási eszközt
16 April 2026
News
… az innovatív kutatást azáltal, hogy segítik a kutatókat a GDPR navigálásában. Az Európai Adatvédelmi Testület … *Az európai adatvédelmi pecsét egy Európa-szerte elismert GDPR-tanúsítási mechanizmus. A pecsétnek meg kell felelnie … az innovatív kutatást azáltal, hogy segítik a kutatókat a GDPR navigálásában. Az Európai Adatvédelmi Testület …
Finnish DPA imposed three administrative fines for data protection violations
27 May 2020
News
… had not made the impact assessment required by the GDPR before starting to process the location data. The … controller’s documentation related to compliance with the GDPR. The company had asked for information on matters such … had not made the impact assessment required by the GDPR before starting to process the location data. The …
Verhaltensregeln / Code of Conduct für die Ausübung des Gewerbes der Bilanzbuchhaltungsberufe (Bilanzbuchhalter, Buchhalter, Personalverrechner)
6 November 2020
Decision by the SA
… Austria Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body 1) DSGVO-ZT GmbH, …
Verhaltensregeln / Code of Conduct für die Ausübung des Gewerbes der Adressverlage und Direktmarketingunternehmen gemäß § 151 GewO 1994
7 August 2020
Decision by the SA
… Austria Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body Austrian Standards plus …
Código de Conducta tratamiento de datos en la actividad publicitaria / Code of Conduct data processing in advertising activities
10 October 2023
Decision by the SA
… Spain Type Code for Controllers/Processors subject to GDPR Scope National Opinion/Guideline References Guidelines …
Data Pro Code
20 August 2020
Decision by the SA
… Netherlands Type Code for Controllers/Processors subject to GDPR Scope National Opinion/Guideline References Guidelines …
Decision in the matter of TikTok Technology Limited made pursuant to Section 111 of the Data Protection Act, 2018 and Articles 60 and 65 of the General Data Protection Regulation
15 September 2023
Binding decision of the Board (Art. 65)
… the Irish SA regarding TikTok Technology Limited (Art. 65 GDPR) …
Biometrics for attendance recording. The Italian SA fines a high school
16 September 2025
News
… Garante found several infringements of the EU Regulation (GDPR), including the lack of clear and transparent … Garante found several infringements of the EU Regulation (GDPR), including the lack of clear and transparent …
Slovenian SA: schools must adhere to the principle of data protection by design and by default
20 May 2025
Press releases
… by design and by default, as mandated by Article 25 of the GDPR. The inspection procedure revealed a lack of proper … by design and by default, as mandated by Article 25 of the GDPR. The inspection procedure revealed a lack of proper …
The Norwegian SA issues fine to the Municipality of Østre Toten for flawed information security
7 July 2022
News
… the controller (Article 24) Decision: Infringement of the GDPR, Order to comply Key words: Cyber attack, Ransomware, … the controller (Article 24) Decision: Infringement of the GDPR, Order to comply Key words: Cyber attack, Ransomware, …