18 January 2024
… One-Stop-Shop case digest on Security of Processing and Data Breach Notification 18 January 2024 Support Pool of Experts … Since the entry into force of the GDPR, data protection authorities (DPAs) have closely cooperated … number of one-stop-shop decisions on data security and data breaches. The one-stop-shop case digest on security of …
1 March 2023
… fine for housing association for lack of personal data breach notification to the Polish SA 1 March 2023 Poland … (i) GDPR, Article 33 (1) GDPR (Notification of a personal data breach to the supervisory authority), Article 34 (1), … (i) GDPR, Article 33 (1) GDPR (Notification of a personal data breach to the supervisory authority), Article 34 (1), …
6 February 2025
… fine of 6 800 € for failure to notify a personal data breach to the supervisory authority 6 February 2025 Poland … Legal Reference (s): Article 33 (Notification of a personal data breach to the supervisory authority), Article 34 … Legal Reference (s): Article 33 (Notification of a personal data breach to the supervisory authority), Article 34 …
14 March 2024
… fine of € 24.000 for failure to notify a personal data breach 14 March 2024 Poland Background information Date of … October 2023 National case Legal Reference(s): Article 35 (Data protection impact assessment), Article 83 (General … October 2023 National case Legal Reference(s): Article 35 (Data protection impact assessment), Article 83 (General …
6 February 2025
… administrative fine of 928 498,06 € for failure to inform data breach victims 6 February 2025 Poland Background information … Reference (s): Article 34 (Communication of a personal data breach to the data subject) Decision: Administrative … Reference (s): Article 34 (Communication of a personal data breach to the data subject) Decision: Administrative …
13 January 2021
… Polish DPA & WARTA: Failure to notify a personal data breach without undue delay as a reason for imposing a fine … Company) infringed the provisions of the General Data Protection Regulation, because it did not notify a … Company) infringed the provisions of the General Data Protection Regulation, because it did not notify a …
15 April 2020
… Article 5 (Principles relating to processing of personal data) Article 7 (Conditions for consent) Article 32 … of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal … 1 Summary Final Decision Art 60 Data breach notification No sanction EDPBI:UK:OSS:D:2020:100 …
22 June 2019
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data … complaint and I am of the view that has complied with its data protection obligations. You have explained that …
10 January 2020
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data … now completed its investigation into the theft of personal data in relation to customers. In summary, it is my …
22 November 2021
… Polish DPA: Bank Millennium fined for failure to notify the breach and the data subjects about the incident 22 November 2021 Poland … S.A. Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), … S.A. Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), …
20 February 2020
… and modalities for the exercise of the rights of the data subject) Article 21 (Right to object) Keywords … that took place between the CNIL's services and the Data Protection Officer (hereinafter "DPO") of in the … to object to receive direct marketing by text messages. The breaches identified through the several exchanges between …
6 February 2025
… fine of 19 800 € for failure to notify a personal data breach to the supervisory authority 6 February 2025 Poland … of processing), Article 33 (Notification of a personal data breach to the supervisory authority), Article 34 … of processing), Article 33 (Notification of a personal data breach to the supervisory authority), Article 34 …
28 November 2024
… administrative fine of 210 € for failure to notify personal data breach to supervisory authority 28 November 2024 Poland … Legal Reference: Article 33 (Notification of a personal data breach to the supervisory authority) Decision: … Legal Reference: Article 33 (Notification of a personal data breach to the supervisory authority) Decision: …
7 February 2023
… Failure to notify a personal data breach as the main reason for a fine imposed on a housing … Article 33 (1) GDPR (Notification of a personal data breach to the supervisory authority), Article 34 (1) … Article 33 (1) GDPR (Notification of a personal data breach to the supervisory authority), Article 34 (1) …
16 May 2019
… Article 14 (Information to be provided where personal data have not been obtained from the data subject) Article 24 (Responsibility of the controller) … of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 5 (Principles …
10 September 2025
… Imposition of fines on a telecommunications company and the data processor for personal data breach and insufficient security measures 10 September … Infringement of the GDPR, fines imposed Key words: Data breach, Security of processing, Processor Summary of …
23 September 2022
… General of Poland for failure to notify the personal data breach 23 September 2022 Poland Background information Date … of Poland (GGK) Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), … of Poland (GGK) Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), …
17 March 2022
… on Fortum Marketing and Sales Polska S.A. for personal data breach 17 March 2022 Poland Background information Date of … 5(1)(f)), Responsibility of the controller (Art. 24(1)), Data protection by design and by default (Art. 25(1)), … 5(1)(f)), Responsibility of the controller (Art. 24(1)), Data protection by design and by default (Art. 25(1)), …
16 May 2019
… reference Article 6 (Lawfulness of processing) Keywords Data security Lawfulness of processing Personal data breach Outcome No violation Summary 87.7KB Download Decision … Decision: No liability of the processor Key words: Data breach, Lawfulness of processing, Security of …
7 September 2022
… Fine for breaching of the obligation to ensure the security of personal data 7 September 2022 Belgium Background information Date of … easily have had access to various financial and medical data of the complainant. Key Findings In its written … easily have had access to various financial and medical data of the complainant. Key Findings In its written …