21 March 2019
… the data subjects, pursuant to Article 33-34 of the GDPR. The NAIH launched an administrative control procedure, … regarding to Article 9 (1) and Article 33 (1) of the GDPR and the Hungarian Privacy Act Section 60 (1). DK was on … €) to DK for violating the provisions Article 33-34 of the GDPR because DK did not notify the high risk personal data …
22 June 2021
… for violation of the General Data Protection Regulation (GDPR). This case concerns insufficient risk assessment and … that the bank did not meet the requirements of the GDPR for risk assessment and appropriate technical measures … risk assessment and testing as required by the law. The GDPR requires that the data controller carry out risk …
13 July 2020
… breach or mitigate its adverse effects (Art. 33 (3) (d) GDPR) The company hired a forensics firm to identify network … or public com- munication (Art. 34 (1) or Art. 34 (3) (c) GDPR) The concerned data subjects were informed of the … incident occurred, e.g. encryption (Arti- cle 34 (3) (a) GDPR) - 3 - The stolen passwords were hashed with PBKDF2-SHA …
26 March 2019
… their rights under the General Data Protection Regulation (GDPR). Therefore, they had no possibility to object to … the rights we are entitled to in accordance with the GDPR. The decision of the UODO’s President concerned the … the information required under Art. 14 (1) – (3) of the GDPR only in relation to the persons whose e-mail addresses …
21 June 2023
… as follows: Article 5(1)(c) and Article 5(1)(e) of the GDPR The DPC found that Airbnb’s retention of a copy of the … of this complaint in accordance with Article 60(7) of the GDPR. In light of the infringements of Article 5(1)(c) and … a reprimand to Airbnb pursuant to Article 58(2)(b) of the GDPR. In addition, the DPC made the following orders against …
9 June 2020
… supervisory authority has, infringing Article 58.1 of the GDPR. This infringement is typified in Article 83.5(e) of the GDPR and is classified for prescription purposes as very … supervisory authority has, infringing Article 58.1 of the GDPR. This infringement is typified in Article 83.5(e) of …
7 September 2022
… Minimisation (Article 5.1.c) Decision: Infringement of the GDPR; Reprimand; Order to bring the processing operations into compliance with the GDPR Key words: Lawfulness; Purpose limitation; Data … to bring the processing operation into compliance with the GDPR by no longer requiring the conduct of a social and …
20 May 2022
… 12(1), 13, 21(1), 21(2), 24(1), 25(1), and 25(2) of the GDPR, Order to comply with the above Articles, Imposing … the serious infringement of numerous articles of the GDPR for a long period, ordered the data controller to stop … continue the data processing if made compliant with the GDPR, and issued an administrative fine in HUF equal to …
5 November 2024
… the Irish Data Protection Authority under Art. 64 (2) GDPR. EDPB Chair Anu Talus said: “During the stakeholder … the Irish Data Protection Authority under Art. 64 (2) GDPR. EDPB Chair Anu Talus said: “During the stakeholder …
27 January 2023
… that the company did not have the consent required by the GDPR for processing data on body mass indices and maximal … The consent requested did not meet the requirements of the GDPR as it was not specific and informed. The SA finds that … that the company did not have the consent required by the GDPR for processing data on body mass indices and maximal …
2 May 2024
… HELLENIC POST SERVICES S.A. Decision: Infringement of the GDPR, administrative fine Key words: non-compliance with … Hellenic Supervisory Authority (SA), in accordance with the GDPR. The first incident involves a breach of data … HELLENIC POST SERVICES S.A. Decision: Infringement of the GDPR, administrative fine Key words: non-compliance with …
21 May 2025
… consent, in compliance with the requirements of the GDPR, which would have formed the basis for the prospecting … to processing of his or her personal data (Article 7 of the GDPR): The company failed to provide the French SA with … Code (CPCE) and the General Data Protection Regulation (GDPR) regarding the collection and proof of consent. It …
7 October 2019
… of accuracy) of the General Data Protection Regulation (GDPR). It therefore imposed an administrative fine of EUR … for direct marketing purposes (Article 21 (3) of the GDPR) as well as Article 25 (data protection by design) of the GDPR and imposed an administrative fine of EUR 200.000 on …
20 September 2022
… delivering the information notice as per Articles 13 and 14 GDPR; the right of access to one’s personal data and the … rights which are set forth in separate provisions of the GDPR and are intended to afford safeguards and protection in … delivering the information notice as per Articles 13 and 14 GDPR; the right of access to one’s personal data and the …
16 May 2022
… processing - article 32(1). Decision: infringement of the GDPR, administrative fine, order subject to a financial … infringements of the General Data Protection Regulation (GDPR) in its visa-issuing process. In addition to imposing a … processing - article 32(1). Decision: infringement of the GDPR, administrative fine, order subject to a financial …
6 February 2025
… a broad extent, should have a legal basis. In turn, the GDPR clearly provides (in Article 6(1)) that the processing … are under special protection, according to Article 9 of the GDPR. It should be emphasised that the National Public … how it should - in accordance with the provisions of the GDPR - notify the person whose data has been affected by the …
31 October 2019
… b), Article 6 paragraph (1) letter a) and Article 7 of the GDPR , which led to imposing an administrative fine in the … consent, under the conditions provided by Article 7 of the GDPR, for a number of 4357 users , for which it processed … context, we emphasize that according to Article 7 of the GDPR, if the processing is based on consent, the controller …
… Processing of Personal Data pursuant to Art. 42 GDPR (‘GDPR – information privacy standard’), Version 0.9.7 Opinion … IT-supported processing of Personal Data pursuant to art 42 GDPR (‘GDPR – information privacy standard’)” presented 2 …
1 December 2019
… been made. This is, however, mandatory under Art. 37 (7) GDPR. Violations of this requirement are subject to a fine in accordance with Art. 83 Para. 4 lit. a) GDPR. The fine may sound low at first sight. However, … been made. This is, however, mandatory under Art. 37 (7) GDPR. Violations of this requirement are subject to a fine …
16 April 2021
… on the EDPB website. Opinion 14/2021 is based on the GDPR and assesses both general data protection aspects and … on the EDPB website. Opinion 14/2021 is based on the GDPR and assesses both general data protection aspects and …