18 December 2024
… Article 5 (Principles relating to processing of personal data) Article 24 (Responsibility of the controller) Article … of processing) Article 34 (Communication of a personal data breach to the data subject) Keywords Principles …
13 May 2021
… 1, letters a) and c) (lawfulness, fairness, transparency; data minimisation); Article 6 (Lawful processing); Article 9 (Processing of special category data); Article 13 (Information); Article 35 (DPIA); Article … nature of the information that had been processed in breach of the law. Additionally, the municipality was …
5 May 2022
… and fine imposed Key words: special categories of personal data, unauthorised access Summary of the Decision Origin … of 21 attachments contained special categories of personal data, see Article 9 (1) of the GDPR. The municipality … Authority also received notice of a personal data breach from Lillestrøm Municipal Council on 29 September. …
28 November 2024
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Article 5 (Principles relating to processing of personal data) Decision: Administrative fine, Compliance order Key … Administrative fine, Data subject rights, Personal data breach, Principles relating to processing of personal data, …
12 February 2019
… Administrative Arrangement for the transfer of personal data between European Economic Area (“EEA”) Financial … 8 adopted 3 The European Data Protection Board Having regard to Article 63, Article … such as “personal data”, “processing”, “personal data breach”, “right of access”, “right of erasure” which are in …
18 December 2019
… 18 December 2019 Germany The Federal Commissioner for Data Protection and Freedom of Information (BfDI) imposed a … another case, the BfDI imposed a fine of EUR 10. 000 on Rapidata GmbH. Concerning this matter, the Federal Commissioner … The BfDI considers this authentication procedure to be in breach of Article 32 of the GDPR which obliges the company …
… taken by, and involving, different SAs relating to specific data subject rights. The projects are conducted by external … One-Stop-Shop case digest on Security of Processing and Data Breach Notification 18 January 2024 Publication Type: …
28 October 2021
… Reference: GDPR: Article 5 (Principles applying to personal data processing); Article 6 (Lawfulness of processing); … service; inbound calls management; trade union agreements; data minimization Summary of the … found that the company had processed its employees’ data in breach of sector-specific national law and the general …
11 October 2018
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision … challenges freedom of movement), or any data whose breach can substantially affect the data subject’s daily …
18 December 2018
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision … the processing is of such a nature that a personal data breach could jeopardise the [physical] health or safety of …
26 July 2019
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision … used only in case of the need for analysis of incidents of breach of law. The means of public transport, the cities …
25 September 2025
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … access to the IT systems was blocked, resulting in a breach of the confidentiality and availability of personal …
15 June 2021
… for inadequate testing 15 June 2021 Norway The Norwegian Data Protection Authority has fined the Norwegian … GDPR violation. The backdrop for this case is that personal data about 3.2 million Norwegians was available online for … Data Protection Authority also found the incident to be in breach of the principles of legality, data minimisation and …
24 November 2020
… the City of Stockholm 24 November 2020 Sweden The Swedish Data Protection Authority has reviewed the so-called School … Board of Education in the City of Stockholm. The Swedish Data Protection Authority has received a number of personal data breach notifications from the City of Stockholm's Board of …
27 July 2020
… on July 9th on account of several instances of unlawful data processing that were mostly related to marketing. The … similar infringements that had occurred when the previous data protection law was in force. The fine was imposed … activities to call centres, which collected data in breach of the law. The pleadings submitted by Wind Tre and …
4 September 2025
… without free and informed consent (Article 82 of the French Data Protection Act) Decision: Infringement of the French … Electronic Communications Code, Infringement of the French Data Protection Act, Administrative fine and injunction Key … this context was therefore not valid, which constituted a breach of the French Data Protection Act (Article 82). …
28 January 2020
… Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility … reference: 1/2020 Guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility … connected vehicles are critical systems where a security breach may endanger the life of its users and Adopted - …
19 March 2019
… Municipality 19 March 2019 On March 19th, the Norwegian Data Protection Authority imposed an administrative fine of … the municipality’s computer system, containing the personal data of over 35,000 pupils and employees of the … individuals, primarily children The fact that the security breach encompasses personal data to over 35 000 individuals, …
7 October 2019
… a telephone service provider (1) Imposition of a fine for breach of the principle of accuracy and data protection by design when keeping personal data of subscribers The Hellenic DPA has received complaints …
28 November 2024
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), … order Key words: Accountability, Administrative fine, Data subject rights, Hacker attack, National identification … have had a real impact on the occurrence of a personal data breach. Key Findings The President of the Personal Data …