Search results | European Data Protection Board

Lundbeck Group
5 May 2022
… decision BCR - C Lundbeck Group 92.2KB English Download Pre-GDPR No …
Alfa Laval Group
8 April 2025
… Approval decision (EN) 100.7KB English Swedish Download Pre-GDPR No …
The Norwegian SA imposes fine against Elektro & Automasjon Systemer AS
13 December 2021
News
… Legal basis (Article 6) Decision: Infringement of the GDPR declared and fine imposed, order to establish … Legal basis (Article 6) Decision: Infringement of the GDPR declared and fine imposed, order to establish …
Processing the personal data by a processor must be documented
20 December 2022
News
… that the processing of personal data complies with the GDPR. Key Findings Failure to verify the processor and its … that the processing of personal data complies with the GDPR. Key Findings Failure to verify the processor and its …
Polish SA: risk assessment and acting in accordance with established procedures counteract data loss
20 December 2022
News
… documentation since the beginning of the application of the GDPR and had performed a risk assessment. The controller was … documentation since the beginning of the application of the GDPR and had performed a risk assessment. The controller was …
Second fine by the Romanian Supervisory Authority
2 July 2019
News
… the personal data breach provided by Article 33 of GDPR. The General Regulation on Data Protection establishes, … and updated where necessary.” Moreover, Recital (75) of GDPR states that: “The risk to the rights and freedoms of … the personal data breach provided by Article 33 of GDPR. The General Regulation on Data Protection establishes, …
Launch of coordinated enforcement on role of data protection officers
15 March 2023
News
… the position in their organisations required by Art. 37-39 GDPR and the resources needed to carry out their tasks, … on the role of data protection officers (EN) Italian SA: GDPR: focus dei Garanti europei sul ruolo dei responsabili … the position in their organisations required by Art. 37-39 GDPR and the resources needed to carry out their tasks, …
Decision concerning a complaint directed against Meta Platforms Ireland Limited in respect of the Instagram service made pursuant to Section 113 of the Data Protection Act 2018 (Inquiry 18-5-7)
12 January 2023
Decision by the SA
… Ireland Limited and its Instagram service (Art. 65 GDPR) …
Decision concerning a complaint directed against WhatsApp Ireland Limited in respect of the WhatsApp service made pursuant to Section 113 of the Data Protection Act 2018 (Inquiry 18-5-6)
24 January 2023
Decision by the SA
… by the Irish SA regarding WhatsApp Ireland Limited (Art. 65 GDPR) …
EU Cloud Code of Conduct
20 May 2021
Decision by the SA
… Belgium Type Code for Controllers/Processors subject to GDPR Scope Transnational Opinion/Guideline References …
Ivoclar Vivadent Group
23 July 2024
… 331.8KB German English Download Pre-GDPR No …
Swedish SA: Administrative fine against the Equality Ombudsman when personal data was collected via a web form
15 July 2025
News
… The DO has violated the general data protection regulation (GDPR) by not having taken sufficiently effective security … The DO has violated the general data protection regulation (GDPR) by not having taken sufficiently effective security …
Slovenian SA: launch of coordinated enforcement on role of data protection officers
… the position in their organisations required by Art. 37-39 GDPR and Chapter 6 of the Personal Data Protection Act and … the position in their organisations required by Art. 37-39 GDPR and Chapter 6 of the Personal Data Protection Act and …
EDPB adopts final version of Guidelines on data subject rights - right of access
17 April 2023
News
… aligns the text of the Guidelines with the text of the GDPR, which does not provide for one-stop-shop for … aligns the text of the Guidelines with the text of the GDPR, which does not provide for one-stop-shop for …
‘Easy privacy information via icons? Yes, you can!’ The Italian DPA launches a contest calling for creative ideas from all quarters
14 April 2021
News
… in an information notice under Articles 13 and 14 of the GDPR. Proposals will be welcome until 30 May, 2021 and … in an information notice under Articles 13 and 14 of the GDPR. Proposals will be welcome until 30 May, 2021 and …
Norwegian DPA: Company fined for illegal forwarding of e-mail
13 May 2021
News
… in addition to the requirement for legal basis under the GDPR. Nor had the business drawn up procedures for access to … in addition to the requirement for legal basis under the GDPR. Nor had the business drawn up procedures for access to …
Code of Conduct for the health sector concerning entities performing medical activities and processors
11 December 2023
Decision by the SA
… Poland Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body KPMG Advisory Ltd …
Decision of the Data Protection Commission made pursuant to Section 111 of the Data Protection Act, 2018 and Articles 60 and 65 of the General Data Protection Regulation
22 May 2023
Binding decision of the Board (Art. 65)
… Platforms Ireland Limited for its Facebook service (Art. 65 GDPR) …
CoC regulating the processing of personal data related to commercial information
29 April 2021
Other
… Italy Type Code for Controllers/Processors subject to GDPR Scope National Monitoring Body Organismo di …
Polish SA: administrative fine of 210 € for failure to notify personal data breach to supervisory authority
28 November 2024
News
… Office then explained the procedure resulting from the GDPR. In the case of such an incident, the risk to which the … a fine of 210 € for infringement of Article 33 of the GDPR. For further information: Decision in national … Office then explained the procedure resulting from the GDPR. In the case of such an incident, the risk to which the …