17 May 2023
… Health data and use of cookies: French SA fines DOCTISSIMO 17 May … 5 (1)(e)(Principles relating to processing of personal data: storage limitation), Article 9 (Processing of special … four breaches of the GDPR and a breach of the French Data Protection Act by DOCTISSIMO: A failure to store data for no …
29 November 2019
… the infringement of certain disposition of the General Data Protection Regulation. The Association of Owners was … and organisational measures for the protection of personal data collected through the video surveillance system. At the … the infringement of certain disposition of the General Data Protection Regulation. The Association of Owners was …
19 November 2020
… Euro by Italian DPA 19 November 2020 Italy The Italian data protection supervisory authority (Garante per la protezione … on account of having unlawfully processed the personal data of millions of users for telemarketing purposes. As … The Italian data protection supervisory authority (Garante per la …
19 January 2021
… Guidelines 01/2021 on Examples regarding Data Breach Notification Start Date: 19 January 2021 End … Publication Type: Guidelines Topics: Cybersecurity and data breach The European Data Protection Board welcomes comments on the Guidelines … consultation Guidelines 01/2021 on Examples regarding Data Breach Notification Adopted on 14 January 2021 Version …
13 January 2021
… threat and remove it led the company ID Finance Poland to data loss. Therefore, the President of the Personal Data Protection Office (UODO) found that the company had not … threat and remove it led the company ID Finance Poland to data loss. Therefore, the President of the Personal Data …
27 January 2023
… agency for not responding to requests to exercise the data subjects rights 27 January 2023 Finland Background … that the company had not replied to requests to access the data subjects’ data. One of the complainants had received a … regularly failed to reply to requests concerning the data protection rights of the data subject. The Finnish SA finds …
28 October 2021
… and fine imposed Key words: Access Management, Health Data, Information Security Summary of the Decision Origin … to introduce relevant measures in order to improve personal data security. Key Findings The fine is imposed due to a … security in Article 32 cf. article 24 of the General Data Protection Regulation. Decision The Norwegian Data …
… the legal studies as their publication would undermine the protection of legitimate interests, including, inter alia, … of an individual regarding the protection of personal data in accordance with Regulation (EU) 2018/1725 and/or the … or legal person. Study on the secondary use of personal data in the context of scientific research Study on the …
7 July 2021
… Municipal Council fined 7 July 2021 Norway The Norwegian Data Protection Authority has imposed a EUR 50,000 (NOK 500,000) … Council for failing to adequately protect personal data. The error has been corrected and the case closed. In … The Norwegian Data Protection Authority has imposed a EUR 50,000 (NOK …
21 December 2021
… basis (Article 6), Processing of special categories of data (Article 9) Decision: Infringement of the GDPR declared and fine imposed Key words: Data sharing, behavioural advertisement, special categories … further share the data. Key Findings The Norwegian Data Protection Authority concluded that Grindr has disclosed …
26 January 2021
… fine to Grindr LLC 26 January 2021 Norway The Norwegian Data Protection Authority has notified Grindr LLC (Grindr) that … - Our preliminary conclusion is that Grindr has shared user data to a number of third parties without legal basis, said … The Norwegian Data Protection Authority has notified Grindr LLC (Grindr) …
28 May 2019
… amounts to EUR 2 000 and concerns the misuse of personal data for election purposes. Although the fine is modest, the message is not: Data protection is an important matter to us all, but data … amounts to EUR 2 000 and concerns the misuse of personal data for election purposes. Although the fine is modest, the …
6 January 2023
… on Viking Line for unlawful processing of employees' health data 6 January 2023 Finland Sweden Estonia Norway Background … Controller: Viking Line Oy Abp Legal Reference: accuracy of data (Article 5(1)(d)), data protection by design and by default (Article 25(1)), right …
27 February 2024
… Coordinated Enforcement Action, Designation and Position of Data Protection Officers 17 January 2024 Publication Type: Other Topics: …
30 June 2021
… - Improvements are needed 30 June 2021 Germany The data protection supervisory authorities of several German States … to the protection of their IT systems and their personal data. Initial adjustments made by some controllers have not … The data protection supervisory authorities of several German …
6 December 2024
… fine imposed on Posti for unlawful processing of personal data 6 December 2024 Finland Background information Date of … Article 13 (Information to be provided where personal data are collected from the data subject) Article 5 … relating to processing of personal data) Article 25 (Data protection by design and by default) Decision: …
7 November 2019
… with Article 32 paragraphs (1) and (2) of the General Data Protection Regulation. The investigation was carried out as a result of a data breach notification of the supervisory authority by SC … with Article 32 paragraphs (1) and (2) of the General Data Protection Regulation. The investigation was carried …
8 May 2024
… € 856,000 for failing to define storage period of customer data 8 May 2024 Finland Background information Date of final … Article 5 (Principles relating to processing of personal data), Article 25 (Data protection by design and by default) Decision: … Article 5 (Principles relating to processing of personal data), Article 25 (Data protection by design and by default) …
30 June 2021
… Article 13 (Information to be provided where personal data are collected from the data subject) Article 37 (Designation of the data protection officer) Keywords Transparency Right to be informed Data …
… Guidelines During its first plenary meeting the European Data Protection Board endorsed the GDPR related WP29 Guidelines: … 2016/679, WP248 rev.01 Guidelines on Data Protection Officers ('DPO'), WP243 rev.01 Guidelines for identifying a … During its first plenary meeting the European Data Protection Board endorsed the GDPR related WP29 …