27 January 2023
… health information without an appropriate consent 27 January 2023 Finland Italy Belgium Czech Republic France … that the company did not have the consent required by the GDPR for processing data on body mass indices and maximal … The consent requested did not meet the requirements of the GDPR as it was not specific and informed. The SA finds that …
5 August 2020
… August 2020 535.1000 A56ID 75410 CR 126887 DD 126889 FD 142710 Final Decision 1. Facts concerning the data breach - … breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) The passwords of the affected accounts have been … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The controller has notified all data subjects and …
27 June 2018
… State of play - IMI for GDPR purposes 27 June 2018 EDPB It has been just a month ago that the General Data Protection Regulation (GDPR) entered into application, the long awaited revamp of … a month ago that the General Data Protection Regulation (GDPR) entered into application, the long awaited revamp of …
27 September 2021
… di decisione relativo all’adeguatezza della Corea del Sud 27 September 2021 EDPB Bruxelles, 27 settembre — Il comitato … Corea. L'EDPB si è concentrato sugli aspetti generali del GDPR e sull'accesso da parte delle autorità pubbliche ai … dei dati sostanzialmente equivalente a quello del GDPR. Ne è un esempio l'adozione di notifiche da parte …
27 June 2023
… 204 for processing credit information without a legal basis 27 June 2023 Iceland Background information Date of … lawful ground for all processing operations (Article 6 (1) GDPR) Failure to comply with the obligation to process … fairly and in a transparent manner (Article 5(1)(a) GDPR) Decision No provision that clearly stipulates the …
3 December 2024
… Guidelines 02/2024 on Article 48 GDPR Guidelines 02/2024 on Article 48 GDPR Start Date: 03 December 2024 End Date: 27 January 2025 Public consultation reference: 02/2024 … Guidelines 02/2024 on Article 48 GDPR …
3 December 2024
… dati (EDPB) ha pubblicato le linee guida sull'articolo 48 GDPR sui trasferimenti di dati alle autorità di paesi terzi … Nelle sue linee guida, l'EDPB approfondisce l'articolo 48 GDPR e chiarisce in che modo le organizzazioni possono … orientamenti sono soggetti a consultazione pubblica fino al 27 gennaio 2025. Approvazione del sigillo UE per la …
13 July 2020
… 13 July 2020 631.87 535.699 A56ID 74975 CR 82038 RD 129527 FD 135778 Final Decision The Berlin DPA closes the case. … breach or mitigate its adverse effects (Art. 33 (3) (d) GDPR) The company hired a forensics firm to identify network … or public com- munication (Art. 34 (1) or Art. 34 (3) (c) GDPR) The concerned data subjects were informed of the …
27 June 2023
… 141 for processing credit information without a legal basis 27 June 2023 Iceland Background information Date of … lawful ground for all processing operations (Article 6 (1) GDPR) Failure to comply with the obligation to process … fairly and in a transparent manner (Article 5(1)(a) GDPR) Decision No provision that clearly stipulates the …
8 December 2020
… Opinion 27/2020 on the draft decision of the Danish Supervisory … Adopted Opinion 27/2020 on the draft decision of the Danish Supervisory … such data, and repealing Directive 95/46/EC (hereinafter “GDPR”), Having regard to the European Economic Area … the “EDPB”) is to ensure the consistent application of the GDPR throughout the EEA. To this effect, it follows from …
3 June 2020
… has the following reference number: INC000002310272. 1. Decision Following a review of the case, the Danish … Article 32(1) of the General Data Protection Regulation (GDPR). The reprimand is issued in accordance with the rules … personal data. According to Article 5(1)(f) of the GDPR, personal data must be processed confidentially, such …
13 October 2021
… 2021 Norway Background information Date of final decision: 27 September 2021 Cross-border case or national case: … Controller: Ferde AS Legal Reference: Processor (ARTICLE 28 GDPR), Security of Processing (ARTICLE 32 GDPR), General principle for transfers (ARTICLE 44 GDPR) …
12 May 2022
… on the calculation of administrative fines under the GDPR Guidelines 04/2022 on the calculation of administrative fines under the GDPR Start Date: 16 May 2022 End Date: 27 June 2022 Public consultation reference: 04/2022 … on the calculation of administrative fines under the GDPR …
27 October 2023
… di Meta Platforms Ireland Ltd (articolo 66, paragrafo 2, GDPR) 27 October 2023 Urgent Binding decision of the Board (Art. … di Meta Platforms Ireland Ltd (articolo 66, paragrafo 2, GDPR) …
13 September 2024
… 2024 Greece Background information Date of final decision: 27 May 2024 National case Legal Reference (s): GDPR: Article 5.1.a: Principle of lawfulness, fairness and transparency; GDPR: Article 6.1.f: Processing based on legitimate … decision: 27 May 2024 National case Legal Reference (s): GDPR: Article 5.1.a: Principle of lawfulness, fairness and …
6 April 2022
… Ireland Group plc Legal Reference: Article 32(1), 33 and 34 GDPR Decision: Infringement of Article 32(1), 33 and 34 GDPR, Order to comply with article 32(1) GDPR, Issued … Protection Commission (DPC) between 9 November 2018 and 27 June 2019. The notifications related to the corruption of …
20 July 2022
… case Controller: Clearview AI Inc. Legal Reference: GDPR: Article 3: Territorial scope. Article 5(1)(a) and (2): … not established in the Union. Decision: Infringement of the GDPR, Administrative fine. Key words: Web scraping, Images … 9 GDPR) and its obligations under Articles 12, 14, 15 and 27 of the GDPR. Decision: The Hellenic DPA imposed a fine …
27 September 2019
… of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision Type SA Netherlands 27 September 2019 Data Protection Impact Assessment (DPIA) … of a data protection impact assessment (Article 35.4 GDPR) … 1 State Current 2019 No 6441827 November 2019 Decision concerning list of types of …
27 June 2022
… The CNPD adopts the certification mechanism GDPR-CARPA 27 June 2022 Luxembourg Luxembourg becomes the first country … to introduce a certification mechanism according to the GDPR criteria. The National Data Protection Commission … to introduce a certification mechanism according to the GDPR criteria. The National Data Protection Commission …
15 July 2025
… 2025 Italy Background information Date of final decision: 27 March 2025 National case Controller: Istituto di … Findings The Italian SA recalled that, according to the GDPR and the Italian Data Protection Code, the use of … Findings The Italian SA recalled that, according to the GDPR and the Italian Data Protection Code, the use of …