3 January 2024
… 2023 Cross-border case Hungarian National Authority for Data Protection and Freedom of Information (Hungarian Supervisory Authority, SA) and CSAs: Office for Personal Data Protection of the Slovak Republic (Slovak Supervisory …
14 January 2022
… Legal Reference: Principles (Art. 5(1)(f), Art. 5(2)), Data protection by design and by default (Art. 25(1)), Security … fine issued Key words: principles, processing, security, data protection Summary of the Decision Origin of the …
22 July 2021
… children’s privacy 22 July 2021 Netherlands The Dutch Data Protection Authority (DPA) has imposed a fine of € 750,000 … of how the app collects, processes and uses personal data. This is an infringement of privacy legislation, which …
18 December 2019
… EUR against Mrkoll.se – a website that publishes personal data of all Swedes above the age of 16 – for infringement of … runs the website Mrkoll.se. This website publishes personal data of all Swedes above the age of 16. In total, the … frameworks for credit information activity, data protection and the constitutional protection of freedom of …
9 December 2020
… International Company made pursuant to Section 111 of the Data Protection Act 2018 Decision Type SA Ireland 9 December 2020 … at that point, insofar as the Global Data Protection Officer (‘the DPO’) was not added to the incident “ticket”, …
5 December 2018
… Commission Draft Implementing Decision on the adequate protection of personal data in Japan 5 December 2018 Opinion (Art. 70) EDPB … 1 … of complaints regarding the execution of duties by police officers limit the complaints to concrete claims concerning …
19 November 2020
… Euro by Italian DPA 19 November 2020 Italy The Italian data protection supervisory authority (Garante per la protezione … on account of having unlawfully processed the personal data of millions of users for telemarketing purposes. As …
29 November 2019
… the infringement of certain disposition of the General Data Protection Regulation. The Association of Owners was … and organisational measures for the protection of personal data collected through the video surveillance system. At the …
13 January 2021
… threat and remove it led the company ID Finance Poland to data loss. Therefore, the President of the Personal Data Protection Office (UODO) found that the company had not …
21 December 2021
… basis (Article 6), Processing of special categories of data (Article 9) Decision: Infringement of the GDPR declared and fine imposed Key words: Data sharing, behavioural advertisement, special categories … further share the data. Key Findings The Norwegian Data Protection Authority concluded that Grindr has disclosed …
28 October 2021
… and fine imposed Key words: Access Management, Health Data, Information Security Summary of the Decision Origin … to introduce relevant measures in order to improve personal data security. Key Findings The fine is imposed due to a … security in Article 32 cf. article 24 of the General Data Protection Regulation. Decision The Norwegian Data …
… the legal studies as their publication would undermine the protection of legitimate interests, including, inter alia, … of an individual regarding the protection of personal data in accordance with Regulation (EU) 2018/1725 and/or the … or legal person. Study on the secondary use of personal data in the context of scientific research Study on the …
18 November 2025
… Finnish SA: Aktia Bank fined for data security shortcomings in its strong electronic … Article 5 (Principles relating to processing of personal data), Article 25 (Data protection by design and by default), Article 32 (Security …
26 January 2021
… fine to Grindr LLC 26 January 2021 Norway The Norwegian Data Protection Authority has notified Grindr LLC (Grindr) that … - Our preliminary conclusion is that Grindr has shared user data to a number of third parties without legal basis, said …
7 July 2021
… Municipal Council fined 7 July 2021 Norway The Norwegian Data Protection Authority has imposed a EUR 50,000 (NOK 500,000) … Council for failing to adequately protect personal data. The error has been corrected and the case closed. In …
2 July 2025
… the Public Services Card by the Irish Department of Social Protection 2 July 2025 Ireland Background information Date … 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 13 (Information to be provided where …
28 May 2019
… amounts to EUR 2 000 and concerns the misuse of personal data for election purposes. Although the fine is modest, the message is not: Data protection is an important matter to us all, but data …
30 April 2025
… Imposition of a fine on a bank for an incident of personal data breach 30 April 2025 Greece Background information Date … and Confidentiality), Article 15 (Right of access by the data subject), Article 25.1 (Data protection by design and by default), Article 32 (Security …
17 May 2023
… Health data and use of cookies: French SA fines DOCTISSIMO 17 May … 5 (1)(e)(Principles relating to processing of personal data: storage limitation), Article 9 (Processing of special … four breaches of the GDPR and a breach of the French Data Protection Act by DOCTISSIMO: A failure to store data for no …
27 January 2023
… agency for not responding to requests to exercise the data subjects rights 27 January 2023 Finland Background … that the company had not replied to requests to access the data subjects’ data. One of the complainants had received a … regularly failed to reply to requests concerning the data protection rights of the data subject. The Finnish SA finds …