31 October 2019
… an investigation, following the notification of a personal data breach to the supervisory authority, by filling in the form on the personal data breach in compliance with Regulation (EU) 2016/679. The … an investigation, following the notification of a personal data breach to the supervisory authority, by filling in the …
13 January 2021
… threat and remove it led the company ID Finance Poland to data loss. Therefore, the President of the Personal Data Protection Office (UODO) found that the company had not … the security features on its servers and notified data breach to the supervisory authority at the same time. In …
15 April 2020
… Article 5 (Principles relating to processing of personal data) Article 7 (Conditions for consent) Article 32 … of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal … 1 Summary Final Decision Art 60 Data breach notification No sanction EDPBI:UK:OSS:D:2020:100 …
5 November 2024
… of the controller, Publicly available data, Data security, Employment Summary of the Decision Origin … employees without a need to know had access to. The data breach has been ongoing since the university started using … of the controller, Publicly available data, Data security, Employment Summary of the Decision …
4 November 2024
… Article 9 (Processing of special categories of personal data) Decision: Administrative fine Key words: Lawfulness … penalty of NOK 250,000 to Eidskog Municipality for breach of the requirements for a legal basis in the General Data Protection Regulation. Key findings The Norwegian …
18 August 2020
… Spanish Data Protection Authority (AEPD) imposes fine of 70.000 EUR on XFERA MOVILES 18 August 2020 Spain The Spanish Data Protection Authority (AEPD) imposed a fine of 70.000 … phone number). The AEPD considered that this constitutes a breach of the principle of confidentiality, established in …
19 January 2023
… (Responsibility of the controller), Article 25 (1) (2) (Data protection by design and by default), Article 32 (1) … and (2) GDPR (Principles relating to processing of personal data), Article 57 (1) (a) and (h) GDPR, Article 58 (2) (i) GDPR , Article 33 (Notification of a personal data breach to the supervisory authority) Decision: …
13 September 2024
… and order to comply following a leak of expats’ personal data file 13 September 2024 Greece Background information … GDPR: Article 14: Information to be provided where personal data have not been obtained from the data subject; GDPR: … GDPR: Article 33: Notification of a personal data breach Controllers: Hellenic Ministry of the Interior, and a …
30 August 2022
… fine, Cooperation with the supervisory authority, Personal data breach Summary of the Decision Origin of the case TIMSHEL notified a personal data breach to the supervisory authority by e-mail. However, … fine, Cooperation with the supervisory authority, Personal data breach Summary of the Decision Origin of the case …
16 December 2022
… 12 and 21 of the GDPR), obligation to secure personal data (Article 32 of the GDPR), obligation to document a personal data breach (Article 33 of the GDPR) Decision: infringement of … 12 and 21 of the GDPR), obligation to secure personal data (Article 32 of the GDPR), obligation to document a …
16 May 2019
… Article 14 (Information to be provided where personal data have not been obtained from the data subject) Article 24 (Responsibility of the controller) … of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 5 (Principles …
11 September 2020
… 11 September 2020 Poland The President of the Personal Data Protection Office, after having found a personal data breach by the Warsaw University of Life Sciences … The President of the Personal Data Protection Office, after having found a personal data breach by the Warsaw University of Life Sciences (SGGW), …
31 May 2023
… fine, Cooperation, Employment, Notification of personal data breach Summary of the Decision Origin of the case The … This documentation contained, inter alia, personal data of the controller's employees and persons who were … fine, Cooperation, Employment, Notification of personal data breach Summary of the Decision Origin of the case …
6 April 2022
… imposed administrative fines on BOI of €463,000 Key words: Data Breach Summary of the Decision Origin of the case This inquiry was commenced in respect of 22 personal data breach notifications that Bank of Ireland Group plc … imposed administrative fines on BOI of €463,000 Key words: Data Breach Summary of the Decision Origin of the case …
20 December 2022
… Processing the personal data by a processor must be documented 20 December 2022 … of the case The Polish SA has been notified of a personal data breach at the Sułkowice Cultural Centre. In the course of … of the case The Polish SA has been notified of a personal data breach at the Sułkowice Cultural Centre. In the course …
13 January 2021
… 13 January 2021 Poland The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 1.9 … measures to ensure the security of the processed data. UODO stated that the company infringed the principles … some of the company’s clients. In connection with a data breach, as a result of which an unauthorised person obtained …
11 February 2021
… School of Judiciary and Public Prosecution (KSSIP) for breaching the GDPR rules 11 February 2021 Poland The … its obligations as a controller. According to the Personal Data Protection Office, the controller did not take the … measures in order to ensure the security of personal data contained in the copy of the database of the training …
16 October 2020
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security … 2020 LSA: UK CSAs: All SAs Legal Reference: Personal data breach (Articles 33 and 34), Security of processing …
20 September 2019
… 20 September 2019 Poland The President of the Personal Data Protection Office imposed a fine of an amount higher … and technical measures for the protection of personal data were not appropriate to the risk posed by the … the fine, the supervisory authority concluded that the breach which took place in this case was of considerable …
13 October 2021
… The Norwegian Data Protection Authority: Ferde AS fined 13 October 2021 … on the Norwegian national broadcaster, NRK, the Norwegian Data Protection Authority learned that Ferde AS transfers … Data Protection Authority’s conclusion is that Ferde AS has breached several of the organization’s basic …