30 December 2021
… Article 5 (Principles relating to processing of personal data) Article 13 (Information to be provided where personal data are collected from the data subject) Article 17 (Right … be informed Right to erasure Data retention Personal data breach Data security Password Outcome Administrative fine …
19 July 2023
… information note for individuals and entities transferring data to the U.S.. This note aims to provide concise and … to the U.S., the redress mechanisms available under the Data Privacy Framework (DPF), and the new redress mechanism … a processing, the strengthening of the duty to notify data breaches to the Japanese data protection authority and to …
13 September 2023
… Article 5 (Principles relating to processing of personal data) Article 25 (Data protection by design and by default) Article 28 … fine Data protection by design and by default Personal data breach Processor Responsibility of the controller Outcome …
27 July 2020
… on July 9th on account of several instances of unlawful data processing that were mostly related to marketing. The … similar infringements that had occurred when the previous data protection law was in force. The fine was imposed … activities to call centres, which collected data in breach of the law. The pleadings submitted by Wind Tre and …
15 April 2024
… fine Keywords: own-initiative investigation, biometric data, Data Protection Impact Assessments Summary of the Decision … on the Hellenic Ministry of Migration and Asylum for the breaches found in relation to the cooperation with the … fine Keywords: own-initiative investigation, biometric data, Data Protection Impact Assessments Summary of the …
24 November 2020
… the City of Stockholm 24 November 2020 Sweden The Swedish Data Protection Authority has reviewed the so-called School … Board of Education in the City of Stockholm. The Swedish Data Protection Authority has received a number of personal data breach notifications from the City of Stockholm's Board of …
5 June 2025
… Article 5 (Principles relating to processing of personal data) Decision: administrative fine Key words: … in this ecosystem, in particular intermediaries who resell data, known as data brokers. Thus, the CNIL carried out … on the market, the financial benefit derived from the breaches and the complete cessation of activity of the …
25 September 2025
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … access to the IT systems was blocked, resulting in a breach of the confidentiality and availability of personal …
15 June 2021
… for inadequate testing 15 June 2021 Norway The Norwegian Data Protection Authority has fined the Norwegian … GDPR violation. The backdrop for this case is that personal data about 3.2 million Norwegians was available online for … Data Protection Authority also found the incident to be in breach of the principles of legality, data minimisation and …
7 October 2019
… a telephone service provider (1) Imposition of a fine for breach of the principle of accuracy and data protection by design when keeping personal data of subscribers The Hellenic DPA has received complaints … of a fine for breach of the principle of accuracy and data protection by design when keeping personal data of …
22 May 2019
… days short of the GDPR’s first anniversary, the European Data Protection Board surveyed the Supervisory Authorities … 2017. Over 144.000 queries and complaints* and over 89.000 data breaches have been logged by the EEA Supervisory … days short of the GDPR’s first anniversary, the European Data Protection Board surveyed the Supervisory Authorities …
19 March 2019
… Municipality 19 March 2019 On March 19th, the Norwegian Data Protection Authority imposed an administrative fine of … the municipality’s computer system, containing the personal data of over 35,000 pupils and employees of the … individuals, primarily children The fact that the security breach encompasses personal data to over 35 000 individuals, …
5 May 2022
… not exclusively against Google LLC, even if it is the sole data controller. On the basis of the CJEU's Google Spain … shortcomings of the GDPR by Google LLC, (2) that these breaches are attributable to Google Belgium SA and (3) that … SA (highest level of protection for the benefit of the data subjects). Decision Even if the BE SA dismissed the …
18 December 2020
… Type: Guidelines Topics: Restrictions The European Data Protection Board welcomes comments on the Guidelines … set out in the Regulation and in accordance with applicable data protection rules. All legal details can be found in our … GDPR........................... 9 3.3.7 Protection of the data subject or the rights and freedoms of …
6 September 2020
… Type: Guidelines Topics: Controller Processor The European Data Protection Board welcomes comments on the Guidelines … set out in the Regulation and in accordance with applicable data protection rules. All legal details can be found in our … play a crucial role in the application of the General Data Protection Regulation 2016/679 (GDPR), since they …
18 May 2020
… EDPB Annual Report 2019 1 EDPB Annual Report 2019 1 European Data Protection Board 2019 Annual Report WORKING TOGETHER … duties Guiding principles 5 6 2.1. 2.2. ABOUT THE EUROPEAN DATA PROTECTION BOARD 3 7 2019 - AN OVERVIEW4 8 Functioning … measures for ensuring data protection, which led to data breaches. Several significant incidents involved the …
8 June 2023
… Article 5 (Principles relating to processing of personal data) Article 6 (Lawfulness of processing) Article 9 (Processing of special categories of personal data) Article 12 (Transparent information, communication and … of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Administrative …
… . The main objective of this programme is to help European Data Protection Authorities (DPAs) increase their capacity to supervise and enforce data protection rules by developing common tools and giving … biometrics including facial recognition DPIA, personal data breaches, risk management Fintech IT auditing, information …
10 December 2019
… the infringement of certain provisions of General Data Protection Regulation (GDPR). The controller was … Hora Credit IFN SA sent documents containing the personal data of another person to the e-mail address. Although this … risks and notification of the ANSPDCP in case of a security breach, under the conditions provided by Article 33 …
5 May 2021
… million fine to Disqus Inc. 5 May 2021 Norway The Norwegian Data Protection Authority has notified Disqus Inc. (Disqus) … it also engages in programmatic advertising. The Norwegian Data Protection Authority was made aware of the matter … In our advance notification, we also consider that Disqus breached the GDPR transparency and information requirements …