15 November 2022
… BCR applications since the entering into application of the GDPR. The recommendations provide additional guidance and … essentially equivalent to the one provided by the GDPR. The aim of these recommendations is to: provide an … BCR applications since the entering into application of the GDPR. The recommendations provide additional guidance and …
3 February 2022
… Regulation (EU) 611/2013 Decision: Infringement of the GDPR, Fines imposed Key words: GDPR, Data breach, Security, Data protection impact … ΟΤΕ S.A. was found to have infringed Article 32 of the GDPR due to inadequate security measures taken in relation …
20 November 2024
… and processing by COSMOSPACE (Article 5.1.c of the GDPR) Failure to comply with the obligation to retain data … limited to the intended purpose (Article 5.1.e of the GDPR) Failure to comply with the obligation to obtain prior … special categories of personal data (Article 9 of the GDPR) Failure to comply with the obligation to obtain …
13 October 2020
… IP address, refers to Art. 6 para. 1 sentence 1 lit. f GDPR. sees the legitimate interest in the processing of … attacks, in particular to meet the requirements of Art. 32 GDPR and § 13 para. 7 TMG. Furthermore, the method aims at … risks" in the sense of Art. 6 para. 1 sentence 1 lit. f GDPR. 3 III. Legal assessment The Brandenburg Commissioner …
28 November 2024
… took place, but in his opinion there was no breach of the GDPR provisions. However, the proceeding conducted by the … the DPA revealed a breach of a number of provisions of the GDPR, including those relating to personal data security. … € for infringement of Articles 24, 25, 32, 33 and 34 of the GDPR. In the decision, the President of the Personal Data …
… According to the General Data Protection Regulation (GDPR), public authorities and certain businesses are obliged … DPOs have the role and position required by Articles 37-39 GDPR and the resources needed to carry out their tasks. The … According to the General Data Protection Regulation (GDPR), public authorities and certain businesses are obliged …
17 October 2023
… In its decision, IMY states that H&M has violated the GDPR by not ceasing to handle the complainants' personal … 28 500 EUR) against the company for violations of the GDPR. For further information: H&M har gjort det onödigt … In its decision, IMY states that H&M has violated the GDPR by not ceasing to handle the complainants' personal …
1 February 2021
… and fathers-to-be in Belgium, for various breaches of the GDPR. Family Service is a marketing company that … of 50,000 euro, and ordered the company to comply with the GDPR. Given the size of the company, this is a considerable … model of Family Service is clearly not compliant with the GDPR. To read the decision (in Dutch) click here . For …
16 September 2021
… “Luigi Bocconi” University in Milan Legal Reference: GDPR: Article 5 para. 1, letters a), c) and e) (lawfulness, … category data) Decision: Finding of infringements of GDPR; imposition of administrative fine and corrective … data without a lawful legal basis pursuant to Article 9 GDPR. The students’ consent could not be relied upon by the …
27 June 2023
… lawful ground for all processing operations (Article 6 (1) GDPR) Failure to comply with the obligation to process … fairly and in a transparent manner (Article 5(1)(a) GDPR) Decision No provision that clearly stipulates the … data unlawfully and against Articles 5(1)(a) and 6(1) GDPR, as the agency could not rely on any legal basis. …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) Both the document and the entry were deleted. … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The data subjects concerned were informed in writing … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) This was not a technical error. 6. Subsequent measures …
11 March 2020
… 7 million euro) on Google for failure to comply with the GDPR. Google as a search engine operator has not fulfilled … against Google. – The General Data Protection Regulation, GDPR, increases the level of responsibility for … or superfluous. This right was strengthened with the GDPR entering into force 25th May 2018. The right is however …
20 February 2019
… of Article 32 of the General Data Protection Regulation (GDPR) and, in terms of Article 21 of the Data Protection Act … account the circumstances set out under Article 83.2 of the GDPR. The temporary ban imposed on the Authority’s portal … of Article 32 of the General Data Protection Regulation (GDPR) and, in terms of Article 21 of the Data Protection Act …
13 April 2023
… a dispute resolution decision on the basis of Art. 65 GDPR concerning a draft decision of the IE DPA on the … in ensuring the correct and consistent application of the GDPR by the national Data Protection Authorities. As no … a dispute resolution decision on the basis of Art. 65 GDPR concerning a draft decision of the IE DPA on the …
7 June 2023
… a legally binding decision on the basis of Art. 65(1)(a) GDPR. Following public consultation, the guidelines were … of the EDPB Guidelines on the application of Art. 60 GDPR and changes to the EDPB Rules of Procedure. In … a legally binding decision on the basis of Art. 65(1)(a) GDPR. Following public consultation, the guidelines were …
3 August 2023
… a dispute resolution decision on the basis of Art. 65 GDPR concerning a draft decision of the Irish Data … ensures the correct and consistent application of the GDPR by the national DPAs. The Irish DPA issued the draft … a dispute resolution decision on the basis of Art. 65 GDPR concerning a draft decision of the Irish Data …
22 July 2021
… Urgent Binding Decision on the request under Article 66(2) GDPR from the Hamburg Supervisory Authority for ordering the … Urgent Binding Decision on the request under Article 66(2) GDPR from the Hamburg Supervisory Authority for ordering the …
1 March 2023
… (Article 12(1), Article 13) Decision: Infringement of the GDPR, Order to comply, Administrative fine Key words: … data is collected through the Websites. The practical GDPR compliance of the cookie consent management system … the Websites if such processing was made compliant with the GDPR. An administrative fine was also issued in HUF equal to …
13 May 2021
… and contravened Article 6(1) and Article 5(1)(a) of the GDPR. The recordings had already been handed over to the … previous legislation The infringement occurred before the GDPR went into effect on 20 July 2018. The fine was … and contravened Article 6(1) and Article 5(1)(a) of the GDPR. The recordings had already been handed over to the …
13 July 2020
… breach or mitigate its adverse effects (Art. 33 (3) (d) GDPR) The company hired a forensics firm to identify network … or public com- munication (Art. 34 (1) or Art. 34 (3) (c) GDPR) The concerned data subjects were informed of the … incident occurred, e.g. encryption (Arti- cle 34 (3) (a) GDPR) - 3 - The stolen passwords were hashed with PBKDF2-SHA …