Search results | European Data Protection Board

Relazione annuale 2024 dell'EDPB: proteggere i dati personali in un panorama in evoluzione
23 April 2025
Press releases
… del regolamento generale sulla protezione dei dati (GDPR) in tutta Europa. Per supportare la comprensione e … in tutta Europa, garantire un'applicazione coerente del GDPR e affrontare le sfide emergenti, compresa la … coerenza adottati a norma dell'articolo 64, paragrafo 2, GDPR è notevolmente aumentato. Nel 2024 il comitato ha …
Irish Supervisory Authority announces decision in Facebook “Data Scraping” inquiry
1 December 2022
News
… and consistency mechanism outlined in Article 60 GDPR. LSA: Irish Supervisory Authority (SA). and CSAs: all … Ireland Limited) (‘Meta Platforms’). Legal Reference: GDPR obligation for Data Protection by Design and Default (Article 25 GDPR). Decision: infringement of Articles 25(1) and 25(2) …
Romanian Supervisory Authority fine against Hora Credit IFN S.A.
10 December 2019
News
… certain provisions of General Data Protection Regulation (GDPR). The controller was sanctioned as follows: for the … mentioned in Article 83 paragraph (5) letter a) of GDPR – fine in the amount of 14336.1 lei, the equivalent of … mentioned in Article 83 paragraph (4) letter a) of GDPR – fine in the amount of 47787 lei, the equivalent of …
Icelandic SA: the municipality of Hafnarfjörður fined EUR 18.580 for the use of Google Workspace for Education
26 April 2024
News
… of Hafnarfjörður infringed multiple Articles of the GDPR with its use of Google’s educational system i.e.: … accordance with the Regulation (Articles 5, 24(1) & 28(1) GDPR) Data processing agreement did not meet the minimum requirements (Article 28(3)(a) GDPR) Failure to demonstrate a specified, explicit, and …
Icelandic SA: the municipality of Reykjanesbær fined EUR 16.590 for the use of Google Workspace for Education
26 April 2024
News
… of Reykjanesbær infringed multiple Articles of the GDPR with its use of Google’s educational system i.e.: … accordance with the Regulation (Articles 5, 24(1) & 28(1) GDPR) Data processing agreement did not meet the minimum requirements (Article 28(3)(a) GDPR) Failure to demonstrate a specified, explicit, and …
EDPB publishes OSS case digest on Security of Processing and Data Breach Notification
18 January 2024
News
… case digest on Security of Processing (Art. 32 GDPR) and Data Breach Notification (Art. 33 & 34 GDPR) . Since the entry into force of the GDPR, data protection authorities (DPAs) have closely …
The Portuguese Supervisory Authority fines the Portuguese National Statistics Institute (INE) 4.3 million EUR
19 December 2022
News
… Statistics Institute (INE) Legal Reference: article 9(1) GDPR; article 12 GDPR; article 13 GDPR; article 28(1), (6) and (7) GDPR; article 35(1), (2) …
Geolocalisation data: the French SA fines UBEEQO International €175 000
25 July 2022
News
… Legal Reference: Data minimisation (Article 5.1.c GDPR), Retention period (Article 5.1.e GDPR), Information of individuals (Article 12 GDPR) Decision: Administrative fine Key words: Geolocation …
Greek SA: fine imposed on employer for failure to satisfy the right to object and unlawful processing of employee’s personal data
28 March 2022
News
… Foreign languages private school Legal Reference: GDPR: Article 5(1)(a): Principle of lawfulness, fairness and … Article 21: Right to object Decision: Infringement of the GDPR, Administrative fine Key words: Right to object, … the provisions of Articles 5(1)(f)(a), 5(2) and 13 of the GDPR and in any case without clearly specifying the legal …
Comitato europeo per la protezione dei dati — Ottava sessione plenaria: Interazione tra la direttiva ePrivacy e il Regolamento generale sulla protezione dei dati, dichiarazione sul Regolamento ePrivacy, elenchi dei trattamenti soggetti a obblighi valutaz
14 March 2019
Press releases
… e il Regolamento generale sulla protezione dei dati (GDPR-RGPD). Il parere intende rispondere al quesito relativo … ricada nell’ambito di applicazione materiale sia del GDPR sia della direttiva ePrivacy. È opinione del CEPD che … protezione dei dati siano competenti per l'applicazione del GDPR. Il fatto che una parte del trattamento rientri nel …
Icelandic SA: the municipality of Kópavogur fined EUR 19.907 for the use of Google Workspace for Education
26 April 2024
News
… of Kópavogur infringed multiple Articles of the GDPR with its use of Google’s educational system i.e.: … accordance with the Regulation (Articles 5, 24(1) & 28(1) GDPR) Data processing agreement did not meet the minimum requirements (Article 28(3)(a) GDPR) Failure to demonstrate a specified, explicit, and …
Irish Supervisory Authority’s final decision summary: fines confirmed
29 November 2022
News
… Legal Reference: 1. Articles 5(1)(f) and 32(1) of the GDPR 2. Article 5(1), Article 32(1), Article 33(1) of the GDPR 3. Article 15, Article 13, Article 12 of the GDPR 4. Article 5(1)(f) and 32(1), Article 24 and 30(1), …
L'EDPB adotta orientamenti sulla pseudonimizzazione e apre la strada a una migliore cooperazione con le autorità garanti della concorrenza
17 January 2025
Press releases
… l'uso della pseudonimizzazione per la conformità al GDPR Il regolamento generale sulla protezione dei dati … base giuridica (articolo 6, paragrafo 1, lettera f), del GDPR), purché siano soddisfatti tutti gli altri requisiti del GDPR. Analogamente, la pseudonimizzazione può contribuire a …
EDPB launches French and German versions of its Data Protection Guide for small business
17 May 2024
News
… The Guide provides practical information to SMEs about GDPR compliance and benefits in an accessible and easily … Guide for small business covers various aspects of the GDPR, from data protection basics, to data subject rights … practical materials to help SMEs on their way to become GDPR compliant In the near future, the Guide will become …
Sixteenth Plenary Session: adopted documents
11 December 2019
News
… Session, the EDPB adopted the following documents: Art. 64 GDPR Opinion on Accreditation Requirements for Codes of … Right to be Forgotten in the search engine cases under the GDPR” (part 1) … During its December Plenary Session, the EDPB adopted the following documents: Art. 64 GDPR Opinion on Accreditation Requirements for Codes of …
Belgian DPA fines controller for sending a direct marketing message to the wrong person and for not responding adequately to the subsequent request for access
19 June 2020
News
… answer to the request of the plaintiff (Article 15 GDPR), did not respond within the deadline set by the GDPR (Article 12.3 GDPR) and was not sufficiently transparent (Article 12.1 …
Icelandic SA: the municipality of Garðabær fined EUR 16 590 for the use of Google Workspace for Education
26 April 2024
News
… municipality of Garðabær infringed multiple Articles of the GDPR with its use of Google’s educational system i.e.: … accordance with the Regulation (Articles 5, 24(1) & 28(1) GDPR) Data processing agreement did not meet the minimum requirements (Article 28(3)(a) GDPR) Failure to ensure that data is not further processed …
Endorsed WP29 Guidelines
… meeting the European Data Protection Board endorsed the GDPR related WP29 Guidelines: Guidelines on consent under … 9/2022 on personal data breach notification under GDPR Guidelines on the right to data portability under … records of processing activities pursuant to Article 30(5) GDPR Working Document Setting Forth a Co-Operation Procedure …
The French SA fines Clearview AI EUR 20 million
20 October 2022
News
… Lawfulness of processing of personal data (article 6 of the GDPR), Rights of individuals (articles 12, 15 and 17 of the GDPR), Cooperation with supervisory authority (article 31 of the GDPR) Decision: Infringement of the GDPR, Administrative …
Personalised advertising: French SA fined CRITEO EUR 40,000,000
15 June 2023
News
… Key Findings The French SA found five breaches of the GDPR: Failure to demonstrate that the person has given consent (Article 7.1 GDPR) Failure to comply with the obligation of information and transparency (Articles 12 and 13 GDPR) Failure to respect the right of access (Article 15.1 …