22 June 2021
… DPA: BRAbank ASA fined 22 June 2021 Norway The Norwegian Data Protection Authority has fined BRAbank EUR 40,000 (NOK 400,000) for violation of the General Data Protection Regulation (GDPR). This case concerns … This matter began with a notice of a personal data breach on 6 September 2019 from what was then Easybank ASA. …
7 October 2020
… The Belgian Data Protection Authority has issued a warning and reprimand … institution for wrongful processing of personal data from the National Register. 7 October 2020 Belgium The … has the competence to take action in the case of a breach against environmental legislation, for example in the …
19 February 2021
… Spanish Data Protection Authority (AEPD) imposes fine of 6.000.000 … EUR on CAIXABANK, S.A., 19 February 2021 Spain The Spanish Data Protection Authority (AEPD) imposed a total fine of … personal data. The AEPD concluded that this constituted a breach of Article 6 of the GDPR, and according to Article 83 …
8 September 2021
… national case Controller: AG2R LA MONDIALE Legal Reference: Data retention period (Article 5.1.e GDPR), Information … Key words: Insurances, data retention, information Summary of the Decision Origin … comply with articles 5-1-e, 13 and 14 of the GDPR. Decision Breach of Article 5-1-e of the GDPR The company had not …
25 November 2020
… Østfold HF Hospital 25 November 2020 Norway The Norwegian Data Protection Authority has decided on an administrative … the safe zone. The case started with a notice of personal data breach from the hospital. The folders where the extracts …
14 January 2021
… ..................................................7 4.2.5 Data Subject rights (Clause 8 of the Draft … Adopted 3 The European Data Protection Board and the European Data Protection … at the latest to notify the controller of a personal data breach. Such delay may be short in some situations and may …
28 July 2020
… Article 5 (Principles relating to processing of personal data) Article 12 (Transparent information, communication and modalities for the exercise of the rights of the data subject) Article 13 (Information to be provided where … court bailiff with a report providing details on the GDPR breaches that he considered had been committed in this case. …
16 June 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
20 September 2019
… 20 September 2019 Poland The President of the Personal Data Protection Office imposed a fine of an amount higher … and technical measures for the protection of personal data were not appropriate to the risk posed by the … the fine, the supervisory authority concluded that the breach which took place in this case was of considerable …
18 February 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
26 October 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
24 January 2024
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
16 November 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
4 May 2021
… green pass and it is affected additionally by several data protection shortcomings including the lack of any … Contrary to the requirements laid down in the EU General Data Protection Regulation, the decree does not specify the … of the controller of the processing at issue, which is in breach of the transparency principle and hampers or …
15 January 2024
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 13 (Information to be provided where personal data are collected from the data subject) Decision: … facility is rented out for events or other gatherings, in breach of Article 6. Furthermore, the Icelandic SA …
9 September 2022
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Notification of …
29 September 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
18 July 2023
… Romanian SA fines UiPath SRL for breaching Articles 25 and 32 GDPR 18 July 2023 Romania … Controller: UiPath SRL Legal references: Article 25 (Data protection by design and by default), Article 32 … Decision: Administrative fine, Compliance order Key words: Data protection by design and by default, Personal data …
9 December 2020
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Notification of personal data breach Outcome …
1 March 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …