10 March 2020
… for two municipalities 10 March 2020 Denmark The Danish Data Protection Agency has reported the municipality of … of an adequate level of security under the General Data Protection Regulation (GDPR). For the municipalities of … both municipalities notified the agency of personal data breaches relating to the theft of computers containing …
25 November 2020
… Østfold HF Hospital 25 November 2020 Norway The Norwegian Data Protection Authority has decided on an administrative … the safe zone. The case started with a notice of personal data breach from the hospital. The folders where the extracts … The Norwegian Data Protection Authority has decided on an administrative …
16 June 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
28 July 2020
… Article 5 (Principles relating to processing of personal data) Article 12 (Transparent information, communication and modalities for the exercise of the rights of the data subject) Article 13 (Information to be provided where personal data are collected from the data subject) Article 14 …
14 October 2020
… Norwegian Data Protection Authority: Decision to Fine Bergen Municipality 14 October 2020 Norway The Norwegian Data Protection Authority has given Bergen municipality a … Data Protection Authority was notified of a personal data breach by Bergen Municipality regarding the municipality's …
2 February 2024
… 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 15 (Right to access by the data subject) … Right of access, Lawfulness of processing, Personal data breach, Right of access Summary of the Decision Origin …
18 February 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
26 October 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
24 January 2024
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
16 November 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data …
22 June 2021
… DPA: BRAbank ASA fined 22 June 2021 Norway The Norwegian Data Protection Authority has fined BRAbank EUR 40,000 (NOK 400,000) for violation of the General Data Protection Regulation (GDPR). This case concerns … This matter began with a notice of a personal data breach on 6 September 2019 from what was then Easybank ASA. …
25 March 2019
… The Danish Data Protection Agency proposes a DKK 1,2 million fine for Danish taxi company 25 March 2019 Denmark The Danish Data Protection Agency has issued a statement declaring that … to fine Taxa 4x35 for a total of DKK 1. 2 million for a breach of the GDPR. Taxa 4x35 could be fined for failure to …
9 September 2022
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Notification of …
29 September 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
8 September 2021
… national case Controller: AG2R LA MONDIALE Legal Reference: Data retention period (Article 5.1.e GDPR), Information … Key words: Insurances, data retention, information Summary of the Decision Origin … comply with articles 5-1-e, 13 and 14 of the GDPR. Decision Breach of Article 5-1-e of the GDPR The company had not …
20 September 2019
… 20 September 2019 Poland The President of the Personal Data Protection Office imposed a fine of an amount higher … and technical measures for the protection of personal data were not appropriate to the risk posed by the … the fine, the supervisory authority concluded that the breach which took place in this case was of considerable …
19 February 2021
… Spanish Data Protection Authority (AEPD) imposes fine of 6.000.000 … EUR on CAIXABANK, S.A., 19 February 2021 Spain The Spanish Data Protection Authority (AEPD) imposed a total fine of … personal data. The AEPD concluded that this constituted a breach of Article 6 of the GDPR, and according to Article 83 …
7 October 2020
… The Belgian Data Protection Authority has issued a warning and reprimand … institution for wrongful processing of personal data from the National Register. 7 October 2020 Belgium The … has the competence to take action in the case of a breach against environmental legislation, for example in the …
24 February 2022
… necessary for the handling of the case constitutes a breach of the obligation to provide the supervisory … related to cooperation with the Polish DPA constitutes a breach of great gravity and as such is subject to financial … necessary for the handling of the case constitutes a breach of the obligation to provide the supervisory …
7 December 2023
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 15 (Right to access by the data subject) … Right of access, Lawfulness of processing, Personal data breach, Right of access Summary of the Decision Origin …