24 November 2020
… the City of Stockholm 24 November 2020 Sweden The Swedish Data Protection Authority has reviewed the so-called School … Board of Education in the City of Stockholm. The Swedish Data Protection Authority has received a number of personal data breach notifications from the City of Stockholm's Board of …
5 June 2025
… Article 5 (Principles relating to processing of personal data) Decision: administrative fine Key words: … in this ecosystem, in particular intermediaries who resell data, known as data brokers. Thus, the CNIL carried out … on the market, the financial benefit derived from the breaches and the complete cessation of activity of the …
15 June 2021
… for inadequate testing 15 June 2021 Norway The Norwegian Data Protection Authority has fined the Norwegian … GDPR violation. The backdrop for this case is that personal data about 3.2 million Norwegians was available online for … Data Protection Authority also found the incident to be in breach of the principles of legality, data minimisation and …
25 September 2025
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 … access to the IT systems was blocked, resulting in a breach of the confidentiality and availability of personal …
15 April 2024
… fine Keywords: own-initiative investigation, biometric data, Data Protection Impact Assessments Summary of the Decision … on the Hellenic Ministry of Migration and Asylum for the breaches found in relation to the cooperation with the … fine Keywords: own-initiative investigation, biometric data, Data Protection Impact Assessments Summary of the …
30 December 2021
… Article 5 (Principles relating to processing of personal data) Article 13 (Information to be provided where personal data are collected from the data subject) Article 17 (Right … be informed Right to erasure Data retention Personal data breach Data security Password Outcome Administrative fine …
7 October 2019
… a telephone service provider (1) Imposition of a fine for breach of the principle of accuracy and data protection by design when keeping personal data of subscribers The Hellenic DPA has received complaints … of a fine for breach of the principle of accuracy and data protection by design when keeping personal data of …
13 September 2023
… Article 5 (Principles relating to processing of personal data) Article 25 (Data protection by design and by default) Article 28 … fine Data protection by design and by default Personal data breach Processor Responsibility of the controller Outcome …
19 March 2019
… Municipality 19 March 2019 On March 19th, the Norwegian Data Protection Authority imposed an administrative fine of … the municipality’s computer system, containing the personal data of over 35,000 pupils and employees of the … individuals, primarily children The fact that the security breach encompasses personal data to over 35 000 individuals, …
22 May 2019
… days short of the GDPR’s first anniversary, the European Data Protection Board surveyed the Supervisory Authorities … 2017. Over 144.000 queries and complaints* and over 89.000 data breaches have been logged by the EEA Supervisory … days short of the GDPR’s first anniversary, the European Data Protection Board surveyed the Supervisory Authorities …
5 May 2022
… not exclusively against Google LLC, even if it is the sole data controller. On the basis of the CJEU's Google Spain … shortcomings of the GDPR by Google LLC, (2) that these breaches are attributable to Google Belgium SA and (3) that … SA (highest level of protection for the benefit of the data subjects). Decision Even if the BE SA dismissed the …
… . The main objective of this programme is to help European Data Protection Authorities (DPAs) increase their capacity to supervise and enforce data protection rules by developing common tools and giving … biometrics including facial recognition DPIA, personal data breaches, risk management Fintech IT auditing, information …
10 December 2019
… the infringement of certain provisions of General Data Protection Regulation (GDPR). The controller was … Hora Credit IFN SA sent documents containing the personal data of another person to the e-mail address. Although this … risks and notification of the ANSPDCP in case of a security breach, under the conditions provided by Article 33 …
18 December 2020
… Type: Guidelines Topics: Restrictions The European Data Protection Board welcomes comments on the Guidelines … set out in the Regulation and in accordance with applicable data protection rules. All legal details can be found in our … GDPR........................... 9 3.3.7 Protection of the data subject or the rights and freedoms of …
6 September 2020
… Type: Guidelines Topics: Controller Processor The European Data Protection Board welcomes comments on the Guidelines … set out in the Regulation and in accordance with applicable data protection rules. All legal details can be found in our … play a crucial role in the application of the General Data Protection Regulation 2016/679 (GDPR), since they …
5 May 2021
… million fine to Disqus Inc. 5 May 2021 Norway The Norwegian Data Protection Authority has notified Disqus Inc. (Disqus) … it also engages in programmatic advertising. The Norwegian Data Protection Authority was made aware of the matter … In our advance notification, we also consider that Disqus breached the GDPR transparency and information requirements …
8 June 2023
… Article 5 (Principles relating to processing of personal data) Article 6 (Lawfulness of processing) Article 9 (Processing of special categories of personal data) Article 12 (Transparent information, communication and … of processing) Article 33 (Notification of a personal data breach to the supervisory authority) Keywords Administrative …
18 May 2020
… EDPB Annual Report 2019 1 EDPB Annual Report 2019 1 European Data Protection Board 2019 Annual Report WORKING TOGETHER … duties Guiding principles 5 6 2.1. 2.2. ABOUT THE EUROPEAN DATA PROTECTION BOARD 3 7 2019 - AN OVERVIEW4 8 Functioning … measures for ensuring data protection, which led to data breaches. Several significant incidents involved the …
12 February 2019
… Monitoring Bodies under Regulation 2016/679 The European Data Protection Board welcomes comments on the Guidelines … on the EDPB website. If your submission contains personal data, they will also be disclosed on the EDPB website, unless you object to the processing of your data on grounds relating to your particular situation. …
12 May 2021
… on Locatefamily.com 12 May 2021 Netherlands The Dutch Data Protection Authority (DPA) has imposed a fine of … in the EU. The lack of a representative in the EU is a breach of the General Data Protection Regulation (GDPR) and is the reason the fine … The Dutch Data Protection Authority (DPA) has imposed a fine of …