Search results | European Data Protection Board

Decision concerning a complaint directed against Meta Platforms Ireland Limited in respect of the Instagram service made pursuant to Section 113 of the Data Protection Act 2018 (Inquiry 18-5-7)
12 January 2023
Decision by the SA
… Ireland Limited and its Instagram service (Art. 65 GDPR) …
Ivoclar Vivadent Group
23 July 2024
… 331.8KB German English Download Pre-GDPR No …
EU Cloud Code of Conduct
20 May 2021
Decision by the SA
… Belgium Type Code for Controllers/Processors subject to GDPR Scope Transnational Opinion/Guideline References …
‘Easy privacy information via icons? Yes, you can!’ The Italian DPA launches a contest calling for creative ideas from all quarters
14 April 2021
News
… in an information notice under Articles 13 and 14 of the GDPR. Proposals will be welcome until 30 May, 2021 and … in an information notice under Articles 13 and 14 of the GDPR. Proposals will be welcome until 30 May, 2021 and …
Slovenian SA: launch of coordinated enforcement on role of data protection officers
… the position in their organisations required by Art. 37-39 GDPR and Chapter 6 of the Personal Data Protection Act and … the position in their organisations required by Art. 37-39 GDPR and Chapter 6 of the Personal Data Protection Act and …
EDPB adopts guidelines on processing personal data through blockchains and is ready to cooperate with AI office on guidelines on AI Act and EU data protection law
14 April 2025
News
… organisations using these technologies to comply with the GDPR. In its guidelines, the EDPB explains how blockchains … organisations using these technologies to comply with the GDPR. In its guidelines, the EDPB explains how blockchains …
Swedish SA: Administrative fine against the Equality Ombudsman when personal data was collected via a web form
15 July 2025
News
… The DO has violated the general data protection regulation (GDPR) by not having taken sufficiently effective security … The DO has violated the general data protection regulation (GDPR) by not having taken sufficiently effective security …
Decision of the Data Protection Commission made pursuant to Section 111 of the Data Protection Act, 2018 and Articles 60 and 65 of the General Data Protection Regulation
22 May 2023
Binding decision of the Board (Art. 65)
… Platforms Ireland Limited for its Facebook service (Art. 65 GDPR) …
Supervisory authorities of the Baltic States launch of coordinated inspection of the compliance of personal data processing in the field of short-term vehicle rental
27 July 2022
News
… the application of the General Data Protection Regulation (GDPR) and so proactively address potential threats to … the application of the General Data Protection Regulation (GDPR) and so proactively address potential threats to …
General Court: WhatsApp annulment action inadmissible
7 December 2022
News
… a draft decision of the Irish DPA concerning WhatsApp IE’s GDPR transparency obligations to both users and non-users of … a draft decision of the Irish DPA concerning WhatsApp IE’s GDPR transparency obligations to both users and non-users of …
Italian DPA imposes limitation on processing on TikTok after the death of a Girl from Palermo
26 January 2021
News
… with certainty. The SA decided to take urgent measures (GDPR, art. 58, comma 2, lett. f) and art. 66, comma 1) … with certainty. The SA decided to take urgent measures (GDPR, art. 58, comma 2, lett. f) and art. 66, comma 1) …
Personal data breach at the Breiðholt Upper Secondary School – Administrative fine
10 March 2020
News
… violations of, inter alia, Art. 5(1)f and Art. 32 of the GDPR. When determining the fine, the SA referred to the … violations of, inter alia, Art. 5(1)f and Art. 32 of the GDPR. When determining the fine, the SA referred to the …
The Romanian National Supervisory Authority issues a fine against FAN COURIER EXPRESS SR
28 October 2019
News
… the provisions of Article 5 paragraph (1) letter f) of the GDPR. Legal and Communication Department To read the press … the provisions of Article 5 paragraph (1) letter f) of the GDPR. Legal and Communication Department To read the press …
CoC regulating the processing of personal data related to commercial information
29 April 2021
Other
… Italy Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body Organismo di …
CoC regulating credit assessment systems managed by private entities
6 October 2022
Other
… Italy Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body Organismo di …
Code of Conduct for Service Providers in Clinical Research
12 September 2024
Decision by the SA
… France Type Code for Controllers/Processors subject to GDPR Scope Transnational Opinion/Guideline References …
Finnish DPA imposed three administrative fines for data protection violations
27 May 2020
News
… had not made the impact assessment required by the GDPR before starting to process the location data. The … controller’s documentation related to compliance with the GDPR. The company had asked for information on matters such … had not made the impact assessment required by the GDPR before starting to process the location data. The …
Polish SA: administrative fine of 210 € for failure to notify personal data breach to supervisory authority
28 November 2024
News
… Office then explained the procedure resulting from the GDPR. In the case of such an incident, the risk to which the … a fine of 210 € for infringement of Article 33 of the GDPR. For further information: Decision in national … Office then explained the procedure resulting from the GDPR. In the case of such an incident, the risk to which the …
Polish DPA fines Warsaw University of Life Sciences (SGGW)
11 September 2020
News
… of confidentiality and accountability specified in the GDPR. It is worth noting that the personal data of … of the principle of storage limitation provided for in the GDPR. Moreover, in the course of the conducted proceedings … of confidentiality and accountability specified in the GDPR. It is worth noting that the personal data of …
The Norwegian SA issues fine to the Municipality of Østre Toten for flawed information security
7 July 2022
News
… the controller (Article 24) Decision: Infringement of the GDPR, Order to comply Key words: Cyber attack, Ransomware, … the controller (Article 24) Decision: Infringement of the GDPR, Order to comply Key words: Cyber attack, Ransomware, …