28 November 2024
… Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … Article 5 (Principles relating to processing of personal data) Decision: Administrative fine, Compliance order Key … Administrative fine, Data subject rights, Personal data breach, Principles relating to processing of personal data, …
16 May 2024
… Article 5 (Principles relating to processing of personal data) Keywords Retention time Personal data breach Outcome Dismissal/Rejection of the case No …
28 October 2021
… Reference: GDPR: Article 5 (Principles applying to personal data processing); Article 6 (Lawfulness of processing); … service; inbound calls management; trade union agreements; data minimization Summary of the … found that the company had processed its employees’ data in breach of sector-specific national law and the general …
17 September 2024
… Article 5 (Principles relating to processing of personal data) Decision: Administrative fine Key words: Health … had processed, without authorisation, non-anonymous health data, transmitted to its customers in order to carry out … of April 10, 2014). Then, the French SA found two breaches: Failure to comply with the obligation to carry out …
7 February 2024
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Keywords Clients Data security Phishing emails Personal data breach Outcome Compliance order …
4 November 2021
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Keywords Personal data breach Data security Fraud Third party access to personal …
4 October 2023
… Article 5 (Principles relating to processing of personal data) Article 15 (Right of access by the data subject) Article 34 (Communication of a personal data breach to the data subject) Keywords Data minimisation Data …
18 December 2019
… 18 December 2019 Germany The Federal Commissioner for Data Protection and Freedom of Information (BfDI) imposed a … another case, the BfDI imposed a fine of EUR 10. 000 on Rapidata GmbH. Concerning this matter, the Federal Commissioner … The BfDI considers this authentication procedure to be in breach of Article 32 of the GDPR which obliges the company …
10 November 2020
… after the company notified the Irish SA of a personal data breach on 8 January 2019. In May 2020, the Irish SA shared … the role of Twitter International Company as the (sole) data controller, and the quantification of the proposed … after the company notified the Irish SA of a personal data breach on 8 January 2019. In May 2020, the Irish SA …
14 August 2024
… Article 5 (Principles relating to processing of personal data) Article 32 (Security of processing) Keywords Personal data breach Outcome Administrative fine decision-no-1400.pdf …
6 January 2021
… and modalities for the exercise of the rights of the data subject) Article 32 (Security of processing) Keywords Personal data breach Data security Password Data subject rights …
23 January 2024
… Article 5 (Principles relating to processing of personal data), Article 6 (Lawfulness of processing), Article 12 … and modalities for the exercise of the rights of the data subject), Article 13 (Information to be provided where … from employees. Key Findings The French SA found several breaches of the GDPR regarding: Warehouse stock and order …
21 May 2025
… professionals in the sector, particularly those who resell data, including the many intermediaries in this ecosystem known as data brokers. The French SA carried out investigations on … on the market, the financial benefit derived from the breaches, and the measures taken by the company to comply …
4 September 2025
… STYLES SERVICES CO. LIMITED Legal Reference: The French Data Protection Act (Article 82): failure to obtain user … withdrawing consent Decision: Infringement of the French Data Protection Act, Administrative fine Key words: Cookies … it has repeatedly sanctioned organisations for similar breaches and has made its decisions public. The massive …
23 April 2025
… and modalities for the exercise of the rights of the data subject) Article 15 (Right of access by the data subject) Article 32 (Security of processing) Keywords Consumer protection Personal data breach E-Commerce Outcome No sanction SA LU Decision 861.5KB …
21 October 2022
… regarding their approval by the Board as European Data Protection Seal pursuant to Article 42.5 (GDPR) 10 … the design choices for a digital euro from the privacy and data protection perspective 10 October 2022 Publication … public consultation. Guidelines 9/2022 on personal data breach notification under GDPR 10 October 2022 Publication …
19 July 2023
… information note for individuals and entities transferring data to the U.S.. This note aims to provide concise and … to the U.S., the redress mechanisms available under the Data Privacy Framework (DPF), and the new redress mechanism … a processing, the strengthening of the duty to notify data breaches to the Japanese data protection authority and to …
20 August 2024
… and modalities for the exercise of the rights of the data subject) Article 13 (Information to be provided where personal data are collected from the data subject) Keywords … Privacy statement International transfer Personal data breach Right to erasure Outcome No sanction …
27 July 2020
… on July 9th on account of several instances of unlawful data processing that were mostly related to marketing. The … similar infringements that had occurred when the previous data protection law was in force. The fine was imposed … activities to call centres, which collected data in breach of the law. The pleadings submitted by Wind Tre and …
15 April 2024
… fine Keywords: own-initiative investigation, biometric data, Data Protection Impact Assessments Summary of the Decision … on the Hellenic Ministry of Migration and Asylum for the breaches found in relation to the cooperation with the … fine Keywords: own-initiative investigation, biometric data, Data Protection Impact Assessments Summary of the …