Search results | European Data Protection Board

The Romanian National Supervisory Authority sancions SC CNTAR TAROM SA
7 November 2019
News
… with Article 32 paragraphs (1) and (2) of the General Data Protection Regulation. The investigation was carried out as a result of a data breach notification of the supervisory authority by SC …
EDPBI:ES:OSS:D:2021:277
15 September 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Outcome No sanction decision.pdf …
The Norwegian SA issues fine to the Norwegian Public Service Pension Fund
24 November 2021
News
… Reference: Principles relating to processing of personal data (article 5), Legal basis (Article 6) Decision: Infringement of the GDPR Key words: Income Data, Lack of Procedures, Special Categories of Data … and national insurance. The Norwegian SA concluded that SPK breached the fundamental principles for the processing of …
EDPBI:SI:OSS:D:2023:680
8 March 2023
… of processing) Article 34 (Communication of a personal data breach to the data subject) Keywords Personal data breach Data security …
Polish DPA imposes a fine on Warsaw University of Technology for not complying with its obligation
14 January 2022
News
… Legal Reference: Principles (Art. 5(1)(f), Art. 5(2)), Data protection by design and by default (Art. 25(1)), … fine issued Key words: principles, processing, security, data protection Summary of the Decision Origin of the … after the Polish Data Protection Authority received a data breach notification. As it was indicated, an unauthorized …
EDPBI:SE:OSS:D:2023:774
30 May 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Article 32 (Security of processing) Keywords Data security Sensitive data Personal data breach Outcome No …
EDPBI:DK:OSS:D:2021:190
27 January 2021
Decision by the SA
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Employment Outcome No …
EDPBI:RO:OSS:D:2023:760
24 April 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Outcome No sanction Decision …
EDPBI:CY:OSS:D:2021:182
17 February 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Data security Electronic communications …
EDPBI:FR:OSS:D:2021:201
31 March 2021
Decision by the SA
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Outcome Reprimand Decision 202.5KB Download … …
EDPBI:AT:OSS:D:2023:860
7 August 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Encryption Notification of personal data breach Outcome Dismissal/Rejection of the case Decision …
EDPBI:DK:OSS:D:2022:380
13 June 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Finance Outcome Reprimand …
Clubhouse fined EUR 2 million by the Italian SA
20 January 2023
News
… Reference: Principles relating to processing of personal data (Article 5(1)(a)(e); Lawfulness of processing (Article … and modalities for the exercise of the rights of the data subject (Article 12); Information to be provided where … failure to designate a representative in the EU in breach of Article 27(4); failure to carry out a DPIA with …
EDPBI:NL:OSS:D:2020:173
10 December 2020
Decision by the SA
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Notification of personal data breach Administrative fine Outcome Administrative fine …
EDPBI:FR:OSS:D:2022:437
28 July 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Encryption Notification of personal data …
EDPBI:FR:OSS:D:2024:1433
4 September 2024
… NO Main legal reference Article 15 (Right of access by the data subject) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data …
EDPBI:FR:OSS:D:2021:297
22 November 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Notification of personal data breach Outcome …
The French Supervisory Authority fines ORANGE €50 million
23 January 2025
News
… spite of user consent withdrawal (Article 82 of the French Data Protection Act) Decision: Infringement of the French … Electronic Communications Code, Infringement of the French Data Protection Act, Administrative fine Key words: … spite of user consent withdrawal Decision For these two breaches, the restricted committee decided to impose a …
EDPBI:DK:OSS:D:2023:734
2 May 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data subject …
EDPBI:SE:OSS:D:2022:465
18 August 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Definition of controller Personal data breach Outcome No violation Decision 75.3KB Download … …