27 July 2020
… on July 9th on account of several instances of unlawful data processing that were mostly related to marketing. The … similar infringements that had occurred when the previous data protection law was in force. The fine was imposed … activities to call centres, which collected data in breach of the law. The pleadings submitted by Wind Tre and …
5 June 2025
… Article 5 (Principles relating to processing of personal data) Decision: administrative fine Key words: … in this ecosystem, in particular intermediaries who resell data, known as data brokers. Thus, the CNIL carried out … on the market, the financial benefit derived from the breaches and the complete cessation of activity of the …
24 November 2020
… the City of Stockholm 24 November 2020 Sweden The Swedish Data Protection Authority has reviewed the so-called School … Board of Education in the City of Stockholm. The Swedish Data Protection Authority has received a number of personal data breach notifications from the City of Stockholm's Board of …
25 September 2025
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … access to the IT systems was blocked, resulting in a breach of the confidentiality and availability of personal …
7 October 2019
… a telephone service provider (1) Imposition of a fine for breach of the principle of accuracy and data protection by design when keeping personal data of subscribers The Hellenic DPA has received complaints … of a fine for breach of the principle of accuracy and data protection by design when keeping personal data of …
22 May 2019
… days short of the GDPR’s first anniversary, the European Data Protection Board surveyed the Supervisory Authorities … 2017. Over 144.000 queries and complaints* and over 89.000 data breaches have been logged by the EEA Supervisory … days short of the GDPR’s first anniversary, the European Data Protection Board surveyed the Supervisory Authorities …
15 June 2021
… for inadequate testing 15 June 2021 Norway The Norwegian Data Protection Authority has fined the Norwegian … GDPR violation. The backdrop for this case is that personal data about 3.2 million Norwegians was available online for … Data Protection Authority also found the incident to be in breach of the principles of legality, data minimisation and …
19 March 2019
… Municipality 19 March 2019 On March 19th, the Norwegian Data Protection Authority imposed an administrative fine of … the municipality’s computer system, containing the personal data of over 35,000 pupils and employees of the … individuals, primarily children The fact that the security breach encompasses personal data to over 35 000 individuals, …
5 May 2022
… not exclusively against Google LLC, even if it is the sole data controller. On the basis of the CJEU's Google Spain … shortcomings of the GDPR by Google LLC, (2) that these breaches are attributable to Google Belgium SA and (3) that … SA (highest level of protection for the benefit of the data subjects). Decision Even if the BE SA dismissed the …
18 May 2020
… EDPB Annual Report 2019 1 EDPB Annual Report 2019 1 European Data Protection Board 2019 Annual Report WORKING TOGETHER … duties Guiding principles 5 6 2.1. 2.2. ABOUT THE EUROPEAN DATA PROTECTION BOARD 3 7 2019 - AN OVERVIEW4 8 Functioning … measures for ensuring data protection, which led to data breaches. Several significant incidents involved the …
8 June 2023
… Article 5 (Principles relating to processing of personal data) Article 6 (Lawfulness of processing) Article 9 (Processing of special categories of personal data) Article 12 (Transparent information, communication and … of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Administrative …
13 October 2020
… Topics: Cooperation between authorities The European Data Protection Board welcomes comments on the Guidelines … set out in the Regulation and in accordance with applicable data protection rules. All legal details can be found in our … 9 3.2.2 Risks to fundamental rights and freedoms of data subjects......................................... 10 …
… . The main objective of this programme is to help European Data Protection Authorities (DPAs) increase their capacity to supervise and enforce data protection rules by developing common tools and giving … biometrics including facial recognition DPIA, personal data breaches, risk management Fintech IT auditing, information …
12 February 2019
… Monitoring Bodies under Regulation 2016/679 The European Data Protection Board welcomes comments on the Guidelines … on the EDPB website. If your submission contains personal data, they will also be disclosed on the EDPB website, unless you object to the processing of your data on grounds relating to your particular situation. …
10 December 2019
… the infringement of certain provisions of General Data Protection Regulation (GDPR). The controller was … Hora Credit IFN SA sent documents containing the personal data of another person to the e-mail address. Although this … risks and notification of the ANSPDCP in case of a security breach, under the conditions provided by Article 33 …
5 May 2021
… million fine to Disqus Inc. 5 May 2021 Norway The Norwegian Data Protection Authority has notified Disqus Inc. (Disqus) … it also engages in programmatic advertising. The Norwegian Data Protection Authority was made aware of the matter … In our advance notification, we also consider that Disqus breached the GDPR transparency and information requirements …
2 September 2021
… the draft decision of the IE SA already identified a severe breach of Art. 12-13-14 GDPR. The EDPB identified additional … Art. 5(1)(a) GDPR . Regarding WhatsApp IE’s collection of data of non-users - when users decide to use the Contact … IE does not lead to anonymisation of the collected personal data. Regarding the imposed fine and the calculation of the …
9 November 2020
… 33(3) GDPR on the content of the notification of a personal data breach on security of processing … of Article 34 GDPR on the communication of a personal data breach to the data …
15 October 2020
… and modalities for the exercise of the rights of the data subject) Article 13 (Information to be provided where personal data are collected from the data subject) Article 14 (Information to be provided where … / penalty imposed 40.000 € and requirement of adaptation to data protection regulations 1054-0319 Summary of the …
23 January 2019
… By email only Subject: Co-operation with the European Data Protection Board (02018/010231) Brussels, 23 January … and for your question related to the publication of the data breach notification. I would like to assure you that …