19 January 2023
… (Responsibility of the controller), Article 25 (1) (2) (Data protection by design and by default), Article 32 (1) (2) … and (2) GDPR (Principles relating to processing of personal data), Article 57 (1) (a) and (h) GDPR, Article 58 (2) (i) … (Responsibility of the controller), Article 25 (1) (2) (Data protection by design and by default), Article 32 (1) …
8 June 2021
… fines P4 company PLN 100,000 8 June 2021 Poland The Polish Data Protection Authority has imposed an administrative fine of … authority within 24 hours after having detected a personal data breach. The reason for the administrative fine is that … The Polish Data Protection Authority has imposed an administrative fine …
10 March 2025
… provider Sambla Group issued administrative fine for data security neglect 10 March 2025 Finland Background … Article 5 (Principles relating to processing of personal data), Article 25 (Data protection by design and by default), Article 32 (Security … Article 5 (Principles relating to processing of personal data), Article 25 (Data protection by design and by …
2 September 2024
… Administrative fine against bank for transferring customer data to Meta 2 September 2024 Sweden Background information … Article 5 (Principles relating to processing of personal data), Article 32 (Security of processing), Article 83 … data. Decision The bank has violated the general data protection regulation, GDPR, by not having taken appropriate …
22 October 2019
… Greater safeguards for consumers registered in credit databases, transparency on the functioning of algorithms … posed by the digital economy — do not only concern data on loans and mortgages, but also those relating to … guaranteeing the wider rights set out in the European Data Protection Regulation. Only necessary, relevant data not …
26 August 2024
… 290 million euro on Uber because of transfers of drivers' data to the US 26 August 2024 France Netherlands Belgium … International transfer, Third party access to personal data Summary of the Decision Origin of the case The … the US, without using transfer tools. Because of this, the protection of personal data was not sufficient. The Court of …
20 December 2022
… acting in accordance with established procedures counteract data loss 20 December 2022 Poland Background information … case Controller: Mayor of the Commune Legal Reference: Data protection by design and by default Article 25(1) … case Controller: Mayor of the Commune Legal Reference: Data protection by design and by default Article 25(1) …
21 June 2021
… out a fair risk analysis 21 June 2021 Poland The Polish Data Protection Authority has imposed an administrative fine on … PLN 160 000 (EUR 35 000) for failing to notify a personal data protection breach. In addition, the company was fined … The Polish Data Protection Authority has imposed an administrative fine …
2 September 2024
… and modalities for the exercise of the rights of the data subject), Article 15 (Right to access by the data … specifically asked his demand to be transferred to the Data Protection Officer (DPO). However, despite the fact that his request … and modalities for the exercise of the rights of the data subject), Article 15 (Right to access by the data …
10 October 2025
… of all individuals. Processing of individuals’ personal data by the EES The EES records personal data from travel documents such as name, date of birth, and … data is supervised. Ensuring data subject rights The protection of personal data is a fundamental right, which …
29 April 2021
… for Wi-Fi tracking 29 April 2021 Netherlands The Dutch Data Protection Authority (DPA) has fined the municipality of … itself a serious violation of the privacy law: the General Data Protection Regulation (GDPR). ‘People’s privacy must … The Dutch Data Protection Authority (DPA) has fined the municipality …
20 March 2019
… Italian Garante - E-INVOICES: NO DATABASE TO BE SET UP BY ITALY’S REVENUE AGENCY. NO … several criticalities had been highlighted in terms of data protection compatibility of the implementing mechanisms … several criticalities had been highlighted in terms of data protection compatibility of the implementing mechanisms …
31 March 2022
… risks and increase security in the processing of personal data of affected persons. The data that is processed to issue a duplicate SIM card and the … personal data, and their treatment must be subject to data protection regulations. It has been verified that the …
31 March 2022
… risks and increase security in the processing of personal data of affected persons. The data that is processed to issue a duplicate SIM card and the … personal data, and their treatment must be subject to data protection regulations. It has been verified that the …
18 January 2023
… He presented the draft adequacy decision for the EU-U.S. Data Privacy Framework to the Board and had an exchange of … In addition, a list of actions already taken by data protection authorities (DPAs) in the field of cloud … will be on the designation and role of the Data Protection Officer (DPO). In addition, the EDPB adopted a report on the …
21 January 2019
… the company GOOGLE LLC, in accordance with the General Data Protection Regulation (GDPR), for lack of transparency, … ads personalization. On 25 and 28 May 2018, the National Data Protection Commission (CNIL) received group complaints … the company GOOGLE LLC, in accordance with the General Data Protection Regulation (GDPR), for lack of transparency, …
12 July 2019
… the processing operations exempt from the requirement of a data protection impact assessment (Article 35(5) GDPR) 12 July … the processing operations exempt from the requirement of a data protection impact assessment (Article 35(5) GDPR) Adopted on … the processing operations exempt from the requirement of a data protection impact assessment (Article 35(5) GDPR) …
14 August 2020
… nature which should not have been disclosed. The Danish Data Protection Agency assessed the case and found that PrivatBo … has not complied with the requirements of Article 32 of the Data Protection Regulation to implement appropriate … nature which should not have been disclosed. The Danish Data Protection Agency assessed the case and found that …
31 March 2022
… risks and increase security in the processing of personal data of affected persons. The data that is processed to issue a duplicate SIM card and the … personal data, and their treatment must be subject to data protection regulations. It has been verified that the …
31 March 2022
… risks and increase security in the processing of personal data of affected persons. The data that is processed to issue a duplicate SIM card and the … personal data, and their treatment must be subject to data protection regulations. It has been verified that the …