Sök

  • 2931 poster
Filter on
Filter on topic
Filter on type

EDPBI:CY:OSS:D:2022:485

Final One Stop Shop Decision
cy
CSA
  • se
Main legal reference
Article 17 (Right to erasure (‘right to be forgotten’))
Relevant topics
Outcome
Dismissal/Rejection of the case

EDPBI:EE:OSS:D:2022:496

Final One Stop Shop Decision
CSA
  • se
  • fr
Main legal reference
Article 32 (Security of processing)
Outcome
No sanction

EDPBI:EE:OSS:D:2022:469

Final One Stop Shop Decision
CSA
  • fr
  • se
Main legal reference
Article 5 (Principles relating to processing of personal data)
Article 6 (Lawfulness of processing)
Article 21 (Right to object)
Article 7 (Conditions for consent)
Relevant topics
Outcome
Reprimand

EDPBI:EE:OSS:D:2022:447

Final One Stop Shop Decision
CSA
  • se
Main legal reference
Article 5 (Principles relating to processing of personal data)
Article 6 (Lawfulness of processing)
Relevant topics
Outcome
Reprimand

EDPBI:DE:OSS:D:2022:335

Final One Stop Shop Decision
DE (Baden-Wüerttemberg)
CSA
Main legal reference
Article 12 (Transparent information, communication and modalities for the exercise of the rights of the data subject)
Article 15 (Right of access by the data subject)
Relevant topics
Outcome
Reprimand

EDPBI:SE:OSS:D:2023:975

Final One Stop Shop Decision
se
CSA
  • fr
  • cy
Main legal reference
Article 6 (Lawfulness of processing)
Article 12 (Transparent information, communication and modalities for the exercise of the rights of the data subject)
Article 21 (Right to object)
Relevant topics
Outcome
Administrative fine

EDPBI:SE:OSS:D:2023:883

Final One Stop Shop Decision
se
CSA
Main legal reference
Article 17 (Right to erasure (‘right to be forgotten’))
Relevant topics
Outcome
Other

EDPBI:SE:OSS:D:2023:864

Final One Stop Shop Decision
se
CSA
Main legal reference
Article 15 (Right of access by the data subject)
Relevant topics
Outcome
Other

GDPR-CARPA

Certification Criteria
Scheme owner
LU SA
Scope

Any type of processing except:

personal data processing operations specifically targeting minors under 16 years old,
processing operations in the context of a joint controllership,
processing operations in the context of article 10 GDPR, except those that are clearly defined and regulated by Luxembourgish or European Laws and for which the CNPD is the competent supervisory authority (e.g. Loi du 1er août 2018 relative à la protection des personnes physiques à l’égard du traitement des données à caractère personnel en matière pénale ainsi qu’en matière de sécurité nationale),
processing operations of entities that have not officially designated a DPO* (article 37 GDPR). 

Type of criteria
National certification criteria
Certification as tool for transfers
No
List of documents assessed by the EDPB
  • LU SA – GDPR-CARPA Certification criteria-1.docx