11 February 2021
… its obligations as a controller. According to the Personal Data Protection Office, the controller did not take the necessary … measures in order to ensure the security of personal data contained in the copy of the database of the training … its obligations as a controller. According to the Personal Data Protection Office, the controller did not take the …
13 February 2025
… Information System (IMI) transparency obligations for data controllers . In addition, in July 2023, the CSC … ‘Europol’s information systems - a guide for exercising data subjects’ rights: the right of access, rectification, … programme 2025-2026 . To ensure a continuous high level of protection of individuals’ rights, the Committee will …
12 September 2022
… Hellenic SA: Ex officio audit of processing of personal data in the context of COVID-19 self-test result declaration … GDPR: Principles relating to processing of personal data (Article 5). Information to be provided where personal … data are collected from the data subject (Article 13). Data protection by design and by default (Article 25). Data …
11 September 2020
… 11 September 2020 Poland The President of the Personal Data Protection Office, after having found a personal data … UODO stated that in the case concerned the Data Protection Officer (DPO) performed its tasks without having due regard … The President of the Personal Data Protection Office, after having found a personal data …
29 July 2020
… July 2020 Germany Baden-Wuerttemberg State Commissioner for Data Protection and Freedom of Information imposes fine on AOK Baden-Wuerttemberg – Effective data protection requires regular monitoring and adjustment … Baden-Wuerttemberg State Commissioner for Data Protection and Freedom of Information imposes fine on …
28 October 2021
… Key Findings Upon investigating this matter, The Norwegian Data Protection Authority have concluded that the credit rating … basis, in violation of the requirements of the General Data Protection Regulation. The undertaking did not have a … Key Findings Upon investigating this matter, The Norwegian Data Protection Authority have concluded that the credit …
17 October 2019
… The Spanish Data Protection Authority fined the company Vueling for the … evaluations and statistical calculations on anonymous data, indicating "such information will not be used for any … evaluations and statistical calculations on anonymous data, indicating "such information will not be used for any …
20 October 2020
… Guidelines 4/2019 on Article 25 Data Protection by Design and by Default 20 October 2020 … Adopted 1 Guidelines 4/2019 on Article 25 Data Protection by Design and by Default Version 2.0 Adopted on … Guidelines 4/2019 on Article 25 Data Protection by Design and by Default …
10 March 2020
… for two municipalities 10 March 2020 Denmark The Danish Data Protection Agency has reported the municipality of Gladsaxe … of an adequate level of security under the General Data Protection Regulation (GDPR). For the municipalities of … The Danish Data Protection Agency has reported the municipality of …
22 June 2021
… DPA: BRAbank ASA fined 22 June 2021 Norway The Norwegian Data Protection Authority has fined BRAbank EUR 40,000 (NOK 400,000) for violation of the General Data Protection Regulation (GDPR). This case concerns … The Norwegian Data Protection Authority has fined BRAbank EUR 40,000 (NOK …
8 February 2019
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision … 1 List of processing operations subject to data protection impact assessment Office for Personal Data …
31 October 2019
… entity 31 October 2019 Poland The President of the Personal Data Protection Office (“The President of the Office”) imposed … was that the mayor of the city did not conclude a personal data processing agreement with the entities to which he … The President of the Personal Data Protection Office (“The President of the Office”) …
6 February 2025
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security … Article 5 (Principles relating to processing of personal data), Article 28 (Processor) Decision: Administrative fine, … Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 …
19 February 2020
… and modalities for the exercise of the rights of the data subject) Article 17 (Right to erasure (‘right to be … to your company regarding a violation of the General Data Protection Regulation (GDPR) when processing personal data … to have his player account deleted from the controller database of the online game he had previously bought. The …
… EU coordinated action for 2023 15 March 2023 - The European Data Protection Board (EDPB) launches today the second … year on the designation and position of Data Protection Officers (DPOs). As intermediaries between data protection … 15 March 2023 - The European Data Protection Board (EDPB) launches today the second …
… Strategy to streamline enforcement and cooperation among Data Protection Authorities (DPAs). Each year, DPAs select the … on the designation and position of data protection officers (DPOs), 2023 Coordinated Enforcement Action, … Strategy to streamline enforcement and cooperation among Data Protection Authorities (DPAs). Each year, DPAs select …
26 June 2019
… Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data … natural persons with regard to the processing of personal data and on the free movement of such data, and repealing …
1 July 2021
… legal basis After looking into the matter, the Norwegian Data Protection Authority found that the enterprise lacks a legal … of the legal basis requirement established by the General Data Protection Regulation (GDPR). Furthermore, the … legal basis After looking into the matter, the Norwegian Data Protection Authority found that the enterprise lacks a …
26 April 2023
… end on 15 May 2024. The following Heads of national data protection authorities (DPAs) expressed their interest to … end on 15 May 2024. The following Heads of national data protection authorities (DPAs) expressed their interest to …
25 November 2020
… Móviles España 25 November 2020 Spain The Spanish Data Protection Authority (AEPD) imposed a fine of 75.000 EUR on … S.A.U., for unlawfully processing the claimant’s personal data by charging them several invoices corresponding to a … The Spanish Data Protection Authority (AEPD) imposed a fine of 75.000 …