29 July 2022
… a dispute resolution decision on the basis of Art. 65 GDPR . The binding decision seeks to address the lack of … with Art. 5(1)(a) and (c), 6(1), 12(1), 13, 24, 25 and 35 GDPR in respect of certain processing of children’s personal … draft decision with the CSAs in accordance with Art. 60(3) GDPR. Several CSAs issued objections pursuant to Art. 60(4) …
… Leaflet Cooperation & consistency procedures under the GDPR Article 65 FAQ One-Stop-Shop Procedure Urgency … Leaflet Cooperation & consistency procedures under the GDPR Article 65 FAQ One-Stop-Shop Procedure Urgency …
23 November 2021
… should be consistent with the obligations laid down in the GDPR and should facilitate the compliance of cloud service providers and their clients with the GDPR, also considering the Schrems II ruling. … should be consistent with the obligations laid down in the GDPR and should facilitate the compliance of cloud service …
5 July 2018
… (ICANN), providing guidance to enable ICANN to develop a GDPR-compliant model for access to personal data processed … personal data concerning registrants in compliance with the GDPR, without leading to an unlimited publication of those … (ICANN), providing guidance to enable ICANN to develop a GDPR-compliant model for access to personal data processed …
30 June 2022
… regarding the structural and procedural enforcement of the GDPR and its work to promote and safeguard data protection … concerning Accor SA. In accordance with Art. 65 (5) GDPR, the EDPB will publish its decision on its website … concerning Accor SA. In accordance with Art. 65 (5) GDPR, the EDPB will publish its decision on its website …
4 November 2019
… conjunction with Article 5 paragraph (1) letter f) of the GDPR, which lead to the application of an administrative … the provisions of Article 32 paragraph (1) letter d) of the GDPR. In this context, we mention that Article 25 paragraph (1) of GDPR provides the following: ”Taking into account the state …
19 December 2023
… any of the draft pledge principles would be contrary to the GDPR and the ePrivacy Directive. The draft pledging … by organisations does not equal compliance with the GDPR or ePrivacy Directive. The data protection authorities … competent to exercise their powers when necessary. Topics: GDPR e-Privacy …
16 June 2020
… processing of his data for marketing purposes (article 15.3 GDPR), and for not collaborating with the authority (article 31 GDPR). In a previous decision, the Belgian DPA had ordered … a complete lack of interest for both the application of the GDPR and the procedure. For this attitude, as well as the …
9 January 2025
… Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation to have a legal basis (Article 6 of the GDPR) Failure to comply with the obligation to define and … to the purpose of the processing (Article 5-1-e of the GDPR) Failure to comply with the obligation to provide …
23 January 2025
… Key Findings The CNIL found several breaches of the GDPR: Failure to comply with the obligation to have a legal basis (Article 6 of the GDPR) Failure to comply with the obligation to define and … to the purpose of the processing (Article 5-1-e of the GDPR) Failure to comply with the obligation to provide …
31 May 2023
… national case: National case Legal references: Art. 5(1)(a) GDPR, Art. 15 (1)(h) GDPR, Art. 22(3) GDPR Decision: Administrative fine Key words: Algorithms, … national case: National case Legal references: Art. 5(1)(a) GDPR, Art. 15 (1)(h) GDPR, Art. 22(3) GDPR Decision: …
20 July 2022
… case Controller: Clearview AI Inc. Legal Reference: GDPR: Article 3: Territorial scope. Article 5(1)(a) and (2): … not established in the Union. Decision: Infringement of the GDPR, Administrative fine. Key words: Web scraping, Images … and transparency (art. 5 paragraphs 1(a) and (2), 6, 9 GDPR) and its obligations under Articles 12, 14, 15 and 27 …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) The passwords of the affected accounts have been … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The controller has notified all data subjects and … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) No particular measures beyond the standard IT security …
… context of scientific research Study on the enforcement of GDPR obligations against entities established outside the EEA but falling under Article 3(2) GDPR Study on the national administrative rules impacting … study on the appropriate safeguards under Article 89(1) GDPR for the processing of personal data for scientific …
13 September 2022
… tar-Regolament Ġenerali dwar il-Protezzjoni tad-Data (GDPR). Hemm aspettattivi għoljin rigward is-suċċess tal-GDPR f’dak li huwa trażżin tal-abbużi fir-rigward … aktar id-doveri legali tiegħu fil-qadi tal-EDPB u tal-GDPR. Jekk dan iseħħ, l-infurzar tad-drittijiet …
10 June 2022
… of the whistle-blowing management system Legal Reference: GDPR: Art. 5, para. 1, letters a) and f) (lawfulness, … of processing); Art. 35 (DPIA). Decision: finding of GDPR infringement; imposition of administrative fine. Key … activity was found in the record referred to in Article 30 GDPR; the authentication credentials enabling the …
27 January 2020
… of personal data", as defined under Article 9(1) of the GDPR. Providing personal data to an automated system, … needs to be in line with the principles defined in the GDPR. The controller carried out an impact assessment of the … issues with specific rules in line with article 88 of the GDPR. After assessing all the elements gathered for the …
12 September 2022
… Affairs, Greek Seamen’s Fund (NAT) Legal Reference: GDPR: Principles relating to processing of personal data … assessment (Article 35) Decision: Infringement of the GDPR, Reprimand, Administrative fines Key words: Ex officio … (SA), in exercising its ex officio competence under the GDPR and the national Law 4624/2019 , examined the …
7 October 2020
… Register, constitutes unlawful processing (article 6.1 GDPR), as the legal ground for the processing activities in … carrying out a task in the public interest (article 6.1.e. GDPR), and this processing in concreto was not necessary to … data minimisation (resp. article 5.1.d. and article 5.1.c. GDPR.), which means the institution breaches these …
25 September 2025
… was signed, despite the fact that in accordance with the GDPR (Art. 28 (4) and (9)) and the concluded obligation … concerning the protection of personal data (Article 38 (1) GDPR). In McDonald’s, the DPO was not involved in the … fine of 387 738 € for infringement of Article 28 (1) of the GDPR, EUR 3 231 143 for infringement of Article 24 (1), 25 …