20 November 2019
… Guidelines 4/2019 on Article 25 Data Protection by Design and by Default Guidelines 4/2019 on Article 25 Data Protection by Design and by Default Start Date: 20 … reference: 4/2019 Guidelines 4/2019 on Article 25 Data Protection by Design and by Default 711.4KB …
20 September 2019
… 20 September 2019 Poland The President of the Personal Data Protection Office imposed a fine of an amount higher … and technical measures for the protection of personal data were not appropriate to the risk posed by the … the fine, the supervisory authority concluded that the breach which took place in this case was of considerable …
21 June 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
4 May 2021
… green pass and it is affected additionally by several data protection shortcomings including the lack of any … Contrary to the requirements laid down in the EU General Data Protection Regulation, the decree does not specify the … of the controller of the processing at issue, which is in breach of the transparency principle and hampers or …
24 March 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
15 January 2024
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 13 (Information to be provided where personal data are collected from the data subject) Decision: … facility is rented out for events or other gatherings, in breach of Article 6. Furthermore, the Icelandic SA …
28 October 2021
… Decision Origin of the case Image files containing health data about people with no connection to the municipality … to staff at the health clinic. Key Findings The Norwegian Data Protection Authority noted that the municipality did … internal deficiencies in its access management. This is a breach of the requirements regarding personal data security …
18 July 2023
… Romanian SA fines UiPath SRL for breaching Articles 25 and 32 GDPR 18 July 2023 Romania … Controller: UiPath SRL Legal references: Article 25 (Data protection by design and by default), Article 32 … Decision: Administrative fine, Compliance order Key words: Data protection by design and by default, Personal data …
15 September 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Outcome No sanction decision.pdf …
18 December 2019
… The Norwegian Data Protection Authority imposes a fine on the City of Oslo … of Oslo, the Nursing Home Agency, for having stored patient data from the city’s nursing homes and health centres … The case commenced when the City of Oslo sent a data breach notification to the Data Protection Authority in …
30 May 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 32 (Security of processing) Keywords Data security Sensitive data Personal data breach Outcome No …
26 May 2021
… certify COVID-19 vaccination, recovery or negativity was in breach of privacy laws. The certification was intended to be … this processing, who was authorised to access and use the data, or who was tasked with checking that the certificates … default. At all events, the Region should have performed a data protection impact assessment beforehand in order to …
24 April 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Outcome No sanction Decision …
31 March 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Outcome Reprimand Decision 202.5KB Lejupielādēt …
26 March 2019
… First fine imposed by the President of the Personal Data Protection Office 26 March 2019 Poland The President of the Personal Data Protection Office (UODO) imposed its first fine for the … of the Personal Data Protection Office considered the breach to be serious, since it concerns the fundamental …
8 March 2023
… of processing) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data breach Data security …
27 January 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Employment Outcome No …
13 June 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Finance Outcome Reprimand …
17 February 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Electronic communications …
7 August 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Encryption Notification of personal data breach Outcome Dismissal/Rejection of the case Decision …