Search results | European Data Protection Board

EDPBI:SE:OSS:D:2024:1529
18 November 2024
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
Norwegian DPA: Høylandet Municipal Council Fined
28 October 2021
News
… Decision Origin of the case Image files containing health data about people with no connection to the municipality … to staff at the health clinic. Key Findings The Norwegian Data Protection Authority noted that the municipality did … internal deficiencies in its access management. This is a breach of the requirements regarding personal data security …
The Norwegian Data Protection Authority imposes a fine on the City of Oslo
18 December 2019
News
… The Norwegian Data Protection Authority imposes a fine on the City of Oslo … of Oslo, the Nursing Home Agency, for having stored patient data from the city’s nursing homes and health centres … The case commenced when the City of Oslo sent a data breach notification to the Data Protection Authority in …
EDPBI:AT:OSS:D:2023:689
21 June 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
EDPBI:DEBE:OSS:D:2021:197
24 March 2021
Decision by the SA
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
First fine imposed by the President of the Personal Data Protection Office
26 March 2019
News
… First fine imposed by the President of the Personal Data Protection Office 26 March 2019 Poland The President of the Personal Data Protection Office (UODO) imposed its first fine for the … of the Personal Data Protection Office considered the breach to be serious, since it concerns the fundamental …
The Icelandic DPA has fined a company running ice cream parlours for processing employee‘s personal data via video surveillance camera installed in an employee area.
29 June 2021
News
… ice cream parlours for processing employee‘s personal data via video surveillance camera installed in an employee … ice cream parlours for processing employee‘s personal data via video surveillance camera installed in an employee … amount of the fine was that the company was found to be in breach of numerous provisions of the Icelandic Act No. …
EDPBI:FI:OSS:D:2025:1619
3 February 2025
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Outcome No sanction 1619_redacted.pdf 65KB …
EDPBI:ES:OSS:D:2021:277
15 September 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Outcome No sanction decision.pdf …
Polish DPA fines Surveyor General of Poland: Full inspection must be carried out
20 July 2020
News
… be carried out 20 July 2020 The President of the Personal Data Protection Office (UODO), after having conducted an … (Główny Geodeta Kraju, GGK). The President of the Personal Data Protection established that the Surveyor General of … the General Data Protection Regulation (GDPR), where the breach consisted in failure to provide the supervisory …
EDPBI:SE:OSS:D:2023:774
30 May 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 32 (Security of processing) Keywords Data security Sensitive data Personal data breach Outcome No …
Fine for processing students’ fingerprints imposed on a school
5 March 2020
News
… a school 5 March 2020 Poland The President of the Personal Data Protection Office imposed a fine of PLN 20 000 in connection with the breach consisting in the processing of biometric data of children when using the school canteen. The school … The President of the Personal Data Protection Office imposed a fine of PLN 20 000 in …
EDPBI:RO:OSS:D:2023:760
24 April 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Outcome No sanction Decision …
EDPBI:FR:OSS:D:2021:201
31 March 2021
Decision by the SA
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Outcome Reprimand Decision 202.5KB Lejupielādēt …
EDPBI:SI:OSS:D:2023:680
8 March 2023
… of processing) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data breach Data security …
EDPBI:DK:OSS:D:2022:380
13 June 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Finance Outcome Reprimand …
EDPBI:CY:OSS:D:2021:182
17 February 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Electronic communications …
EDPBI:DK:OSS:D:2021:190
27 January 2021
Decision by the SA
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Employment Outcome No …
EDPBI:AT:OSS:D:2023:860
7 August 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Encryption Notification of personal data breach Outcome Dismissal/Rejection of the case Decision …
Norwegian DPA: Waxing Palace AS fined
28 October 2021
News
… lawfulness, fairness and transparency (article 5 (1) (a)), data minimisation (article 5 (1) (c)), Transparent … relating to CCTV monitoring of salon premises, the Data Protection Authority has concluded that the enterprise … monitoring of the reception area has been found to be in breach of the General Data Protection Regulation (GDPR). The …