Search results | European Data Protection Board

EDPBI:FR:OSS:D:2021:201
31 March 2021
Decision by the SA
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Outcome Reprimand Decision 202.5KB Download …
EDPBI:AT:OSS:D:2023:860
7 August 2023
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Encryption Notification of personal data breach Outcome Dismissal/Rejection of the case Decision …
EDPBI:DK:OSS:D:2022:380
13 June 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Finance Outcome Reprimand …
EDPBI:NL:OSS:D:2020:173
10 December 2020
Decision by the SA
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Notification of personal data breach Administrative fine Outcome Administrative fine …
Polish DPA imposes a fine on Warsaw University of Technology for not complying with its obligation
14 January 2022
News
… Legal Reference: Principles (Art. 5(1)(f), Art. 5(2)), Data protection by design and by default (Art. 25(1)), … fine issued Key words: principles, processing, security, data protection Summary of the Decision Origin of the … after the Polish Data Protection Authority received a data breach notification. As it was indicated, an unauthorized …
The Norwegian SA issues fine to the Norwegian Public Service Pension Fund
24 November 2021
News
… Reference: Principles relating to processing of personal data (article 5), Legal basis (Article 6) Decision: Infringement of the GDPR Key words: Income Data, Lack of Procedures, Special Categories of Data … and national insurance. The Norwegian SA concluded that SPK breached the fundamental principles for the processing of …
EDPBI:FR:OSS:D:2022:437
28 July 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Encryption Notification of personal data …
EDPBI:FR:OSS:D:2024:1433
4 September 2024
… NO Main legal reference Article 15 (Right of access by the data subject) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data …
Biometrics for attendance recording. The Italian SA fines a high school
16 September 2025
News
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 9 (Processing of special categories of personal data), Article 13 (Information to be provided where … scrive a Confcommercio: attenzione agli abusi - Data breach, il Garante sanziona Poste Vita per 80mila euro - …
EDPBI:FR:OSS:D:2021:297
22 November 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Notification of personal data breach Outcome …
EDPBI:SE:OSS:D:2022:465
18 August 2022
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Definition of controller Personal data breach Outcome No violation Decision 75.3KB Download …
EDPBI:FR:OSS:D:2024:1411
19 August 2024
… of the controller) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Accountability Personal data breach Outcome Dismissal/Rejection of the case …
EDPBI:DK:OSS:D:2023:734
2 May 2023
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data subject …
The French Supervisory Authority fines ORANGE €50 million
23 January 2025
News
… spite of user consent withdrawal (Article 82 of the French Data Protection Act) Decision: Infringement of the French … Electronic Communications Code, Infringement of the French Data Protection Act, Administrative fine Key words: … spite of user consent withdrawal Decision For these two breaches, the restricted committee decided to impose a …
EDPBI:NO:OSS:D:2023:850
21 June 2023
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data …
EDPBI:AT:OSS:D:2021:264
4 August 2021
… Main legal reference Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Personal data breach Outcome No sanction Decision 152.1KB Download …
Clubhouse fined EUR 2 million by the Italian SA
20 January 2023
News
… Reference: Principles relating to processing of personal data (Article 5(1)(a)(e); Lawfulness of processing (Article … and modalities for the exercise of the rights of the data subject (Article 12); Information to be provided where … failure to designate a representative in the EU in breach of Article 27(4); failure to carry out a DPIA with …
EDPBI:DEHE:OSS:D:2020:162
11 November 2020
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Article 34 (Communication of a personal data breach to the data subject) Keywords Data security …
EDPBI:FR:OSS:D:2025:3488
27 May 2025
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Notification of personal data breach Data security Outcome No sanction Other …
EDPBI:NO:OSS:D:2021:219
12 May 2021
… of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Data security Personal data breach Outcome No violation …