Search results | European Data Protection Board

EDPB Stakeholder Event on processing of personal data for scientific research purposes
16 March 2021
News
… remote stakeholder event on the topic " application of the GDPR to the processing of personal data for scientific … remote stakeholder event on the topic " application of the GDPR to the processing of personal data for scientific …
Hungarian SA fines car importer for unlawful data processing practices related to satisfaction measurement
24 February 2022
News
… to data subjects under Article 12(1) and Article 13 of the GDPR; data minimisation under Article 5(1)(c); legal basis … under Article 6(1) Decision: finding an infringement of the GDPR, order to bring practices into line with the GDPR, data protection fine of HUF 5 million (approx. EUR 14 …
EDPBI:DEBE:OSS:D:2020:106
7 May 2020
… and was unsuccessful in finding a violation of the GDPR. It was also noted that one of the web addresses … In light of the above, the LSA found no violation of the GDPR. …
EDPB centralised register of records
… and the EDPB on the interplay between the DMA and the GDPR EDPB Public Consultations EDPB-EDPS Support Pool of … and the EDPB on the interplay between the DMA and the GDPR EDPB Public Consultations EDPB-EDPS Support Pool of …
Polish SA fines controller EUR 5300 for failure to implement appropriate security measures
20 April 2023
News
… of the Bar Association for breaching the provisions of the GDPR by failing to implement appropriate technical and … should be made compliant with the provisions of the GDPR within six months from the date of delivery of the … of the Bar Association for breaching the provisions of the GDPR by failing to implement appropriate technical and …
Italian SA: unfettered employee surveillance to be banned
13 May 2021
News
… Controller: Municipality of Bozen/Bolzano Legal Reference: GDPR: Article 5 para. 1, letters a) and c) (lawfulness, … private life). Decision: finding of infringements of the GDPR; administrative fine Key words: employer-employee … Controller: Municipality of Bozen/Bolzano Legal Reference: GDPR: Article 5 para. 1, letters a) and c) (lawfulness, …
The Norwegian Supervisory Authority’s fines Lillestrøm Municipal Council
5 May 2022
News
… of processing (Art. 32) Decision: Infringement of the GDPR and fine imposed Key words: special categories of … categories of personal data, see Article 9 (1) of the GDPR. The municipality neglected to mark the 10 attachments … of processing (Art. 32) Decision: Infringement of the GDPR and fine imposed Key words: special categories of …
Polish SA: administrative fine of EUR 4 500 for gastronomic entrepreneur for access hindering and failure to provide with the necessary information
25 September 2025
News
… fine for an infringement of Article 58 (1)(a) and (e) GDPR. The entrepreneur was informed of the opening of the … fine of EUR 4 500 for infringement of Article 58 (1)(a,e) GDPR. For further information: • National press release: … fine for an infringement of Article 58 (1)(a) and (e) GDPR. The entrepreneur was informed of the opening of the …
EuroPriSe European Privacy Seal
… processing operations by processors in accordance with the GDPR using the EuroPriSe method Type of criteria EU Data … as European Data Protection Seal pursuant to Article 42.5 (GDPR) 18 July 2024 Publication Type: Opinion of the Board …
Baden-Wuerttemberg State Commissioner imposes fine on AOK Baden-Wuerttemberg
29 July 2020
News
… 32 of the European General Data Protection Regulation, GDPR), the Department of Fines of the Baden-Wuerttemberg … with the LfDI. Within the frame that article 83 (4) GDPR sets for fines, the comprehensive internal reviews and … restore or improve the health of the insured persons. The GDPR requires fines to not only be effective and dissuasive, …
Finnish DPA imposes administrative fine for several deficiencies in personal data processing
4 June 2020
News
… compliance of the related personal data processing with the GDPR. The Deputy Data Protection Ombudsman ordered the … failed to conduct the impact assessments required by the GDPR before the start of processing. Data protection impact … that the processing of audio data was not in line with the GDPR’s principle of data minimisation. She ordered Taksi …
Administrative fine imposed on psychotherapy centre Vastaamo for data protection violations
5 January 2022
News
… Accountability (Art. 5(2)) Decision: Infringement of the GDPR, administrative fine and reprimand Key words: personal … Ombudsman issued Vastaamo a reprimand on violating the GDPR. The sanctions board of the Office of the Data … Accountability (Art. 5(2)) Decision: Infringement of the GDPR, administrative fine and reprimand Key words: personal …
Norwegian DPA issues reprimand to Telenor for inadequate protection of personal data
12 February 2021
News
… have been breached: Violation of Article 32 (1) of the GDPR, by failing to implement appropriate technical and … appropriate to the risk. Violation of Article 33 of the GDPR, by failing to notify the personal data breach to the … have been breached: Violation of Article 32 (1) of the GDPR, by failing to implement appropriate technical and …
AT SA's decision on the accreditation requirements for a code of conduct monitoring body
30 August 2019
Decision by the SA
… a code of conduct monitoring body pursuant to article 41 GDPR … monitor compliance with code of conduct pursuant to Art. 40 GDPR (monitoring bodies) by implementing the provisions of … 95/46/EC (General Data Protection Regulation, hereinafter “GDPR”), OJ L 119 of 4.5.2016 p. 1, as amended by the …
Polish SA: administrative fine of 5 625 € for failure to implement appropriate technical and organisational measures to ensure security
6 February 2025
News
… data in compliance with the principles expressed in the GDPR. Losing a laptop is losing a laptop represents an … ZHP for infringement of Articles 5, 24, 25 and 32 of the GDPR. Chorągiew was ordered to implement appropriate data … data in compliance with the principles expressed in the GDPR. Losing a laptop is losing a laptop represents an …
Irish additional accreditation requirements for certification bodies
1 June 2020
Decision by the SA
… of a certification body pursuant to Article 43.3 (GDPR) … 17065) and in accordance with Articles 43(1)(b) and 43(3) GDPR. The points below (aside from section 9) refer to ISO … and operational procedures in relation to accreditation for GDPR certification schemes. 1 SCOPE This document contains …
Spanish Data Protection Authority (AEPD) imposes fine of 70.000 EUR on XFERA MOVILES
18 August 2020
News
… of confidentiality, established in Article 5(1)(f) of the GDPR. You can read the text of the decision here . For … of confidentiality, established in Article 5(1)(f) of the GDPR. You can read the text of the decision here . For …
The Norwegian SA fines Krokatjønnvegen 15 AS
20 January 2023
News
… of processing (Article 6) Decision: Infringement of the GDPR, Administrative fine and Order to comply Key words: … of processing (Article 6) Decision: Infringement of the GDPR, Administrative fine and Order to comply Key words: …
Decision in the matter of Twitter International Company made pursuant to Section 111 of the Data Protection Act 2018
9 December 2020
Decision by the SA
… Twitter International Company under Article 65(1)(a) GDPR … Accountability Controller obligations under the GDPR 7. Issue I – TIC’s Compliance with Article 33(1) 29 - … 2018 Act 135 - 138 12. Corrective Powers – Article 58(2) GDPR 138 - 140 The Reprimand 13. Administrative Fine – …
Polish SA: administrative fine of 262 500 € for hidden video surveillance in neonatology department and failure to implement appropriate security measures
2 May 2025
News
… Article 6(1), 9(1) in relation with Article 13(1,2) of the GDPR and a fine of 105 000 € for infringement of Articles 24(1), 25(1,) and 32(1,2) of the GDPR. Total amount of imposed fine on Centrum Medyczne … Article 6(1), 9(1) in relation with Article 13(1,2) of the GDPR and a fine of 105 000 € for infringement of Articles …