Search results | European Data Protection Board

Polish DPA: The controller should carry out a fair risk analysis
21 June 2021
News
… out a fair risk analysis 21 June 2021 Poland The Polish Data Protection Authority has imposed an administrative fine … PLN 160 000 (EUR 35 000) for failing to notify a personal data protection breach. In addition, the company was fined for failing to … The Polish Data Protection Authority has imposed an administrative fine …
Polish DPA: The first fine for non-compliance with an administrative decision order
12 February 2021
News
… imposed on it in an administrative decision. The Personal Data Protection Office (UODO) ordered the entrepreneur to communicate the breach of their personal data to its patients and to provide these persons with … imposed on it in an administrative decision. The Personal Data Protection Office (UODO) ordered the entrepreneur to …
Hellenic SA fines Debt Management Company for unlawful processing of personal data and non-essential examination of rights to object and erasure
12 September 2022
News
… Debt Management Company for unlawful processing of personal data and non-essential examination of rights to object and … fairness and transparency of processing of personal data (Article 5.1a). Principle of accountability (Article … unduly impeded the exercise of the complainant’s rights, in breach of the provision of Article 12(2) of the GDPR, and …
Polish SA fines controller EUR 2200 for failure to implement appropriate security measures
9 June 2023
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … by design and by default, Data security, Personal data breach, Responsibility of the controller, Principles …
Polish SA: Personal data carrier must be secured
13 July 2021
News
… Polish SA: Personal data carrier must be secured 13 July 2021 Poland The … President of the District Court did not secure the company data carrier, but only instructed his employees to do it … to the scope of the personal data disclosed, the indicated breach caused a high risk of infringement of rights or …
The Polish SA imposed an administrative fine on the University Clinical Center of the Medical University of Warsaw
8 September 2022
News
… of Warsaw Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), Communication of a personal data breach to the data subject (Article 34(1)) Decision: … of Warsaw Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), …
Finnish SA: loan comparison provider Sambla Group issued administrative fine for data security neglect
10 March 2025
News
… provider Sambla Group issued administrative fine for data security neglect 10 March 2025 Finland Background … Article 5 (Principles relating to processing of personal data), Article 25 (Data protection by design and by … Administrative fine, Communication order personal data breach, Reprimand Key words: Data security, Personal data …
Online clairvoyance reading: French SA fined KG COM EUR 150,000
8 June 2023
News
… 5 (1)(e)(Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 32 (Security of processing), Article 33 (Notification of a personal data breach to the supervisory authority) Decision: …
Polish SA fines controller EUR 6700 for failure to implement appropriate security measures
16 May 2023
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Electronic communications, Hacker attack, Personal data breach, Principles relating to processing of personal data, …
Reprimand for disclosure of the list of quarantined persons
25 November 2020
News
… 25 November 2020 Poland The President of the Personal Data Protection Office, after having conducted ex officio proceedings relating to breach of personal data protection of persons subject to medical quarantine by … The President of the Personal Data Protection Office, after having conducted ex officio …
Hellenic SA: fine on a company for failure to implement technical and organisational measures resulting in unauthorised access by third parties
2 May 2024
News
… network vulnerabilities, unauthorised access, dark web, data breach, data breach notification, network intrusion, ransomware, … network vulnerabilities, unauthorised access, dark web, data breach, data breach notification, network intrusion, …
Polish DPA fines non-public nursery and pre-school: Lack of cooperation with the supervisory authority
20 July 2020
News
… authority 20 July 2020 The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 5 000 on … provide the President of the UODO with access to personal data and other information necessary for the performance of … for assessment whether the controller communicated a data breach to the data subject in accordance with the GDPR …
Slovenian SA: schools must adhere to the principle of data protection by design and by default
20 May 2025
Press releases
… Slovenian SA: schools must adhere to the principle of data protection by design and by default 20 May 2025 … Controller: High school Legal Reference(s): Article 25 (Data protection by design and by default) … an ex officio inspection after receiving an official data breach notification. A school reported an unauthorized …
The President of the Personal Data Protection Office imposes a fine in cross-border proceedings
10 July 2020
News
… The President of the Personal Data Protection Office imposes a fine in cross-border … 10 July 2020 Poland The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 15 000 … circumstances, among others, the seriousness of the breach (undermining the proper functioning of the personal …
Polish SA fines controller EUR 5300 for failure to implement appropriate security measures
20 April 2023
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … security, Data subject rights, Encryption, Personal data breach, Responsibility of the controller, Technical and …
The Romanian Supervisory Authority fines Raiffeisen Bank S.A. and Vreau Credit S.R.L.
31 October 2019
News
… an investigation, following the notification of a personal data breach to the supervisory authority, by filling in the form on the personal data breach in compliance with Regulation (EU) 2016/679. The … an investigation, following the notification of a personal data breach to the supervisory authority, by filling in the …
Polish DPA & ID Finance Poland: Checking potential system vulnerabilities cannot be delayed
13 January 2021
News
… threat and remove it led the company ID Finance Poland to data loss. Therefore, the President of the Personal Data Protection Office (UODO) found that the company had not … the security features on its servers and notified data breach to the supervisory authority at the same time. In …
Norwegian SA issues administrative fine to the University of Agder
5 November 2024
News
… of the controller, Publicly available data, Data security, Employment Summary of the Decision Origin … employees without a need to know had access to. The data breach has been ongoing since the university started using … of the controller, Publicly available data, Data security, Employment Summary of the Decision …
Spanish Data Protection Authority (AEPD) imposes fine of 70.000 EUR on XFERA MOVILES
18 August 2020
News
… Spanish Data Protection Authority (AEPD) imposes fine of 70.000 EUR on XFERA MOVILES 18 August 2020 Spain The Spanish Data Protection Authority (AEPD) imposed a fine of 70.000 … phone number). The AEPD considered that this constitutes a breach of the principle of confidentiality, established in …
Norwegian SA issues administrative fine to Eidskog Municipality
4 November 2024
News
… Article 9 (Processing of special categories of personal data) Decision: Administrative fine Key words: Lawfulness … penalty of NOK 250,000 to Eidskog Municipality for breach of the requirements for a legal basis in the General Data Protection Regulation. Key findings The Norwegian …

First page
Previous page
…
2
3
4
5
6
7
8
9
10
…
Next page
Last page