5 June 2019
… in relation to the application of Articles 40 and 41 GDPR. The guidelines intend to help clarify the procedures … how to interpret and implement the provisions of Article 43 GDPR. In particular, they aim to help Member States, … bodies that issue certification in accordance with the GDPR. The annex provides guidance on the additional …
11 April 2022
… Reference: Article 5 (2) Decision: Infringement of the GDPR Key words: Deletion Summary of the Decision Origin … million EUR) for the infringement of Article 5 (2) of the GDPR. Decision The Danish Supervisory Authority has reported … million EUR) for the infringement of Article 5 (2) of the GDPR. For further information: …
12 September 2018
… administrative penal decision for infringements of the GDPR and Austrian Data Protection Act. The Austrian DPA … café as the controller within the meaning of Article 4. 7 GDPR of an image processing system (video surveillance). The … Art. 6 para. 1 of the General Data Protection Regulation (GDPR) and several provisions of the Austrian Data Protection …
15 July 2022
… legitimate interest (Article 6(1)(f) GDPR) Decision: Issuance of warning to controller that … transposing directive 2002/58/EC and Article 6(1)(f) GDPR; Key words: Personalised advertising; legal basis; … user’s consent; warning to controller; Article 58(2)(a) GDPR; Section 154(1)(f) of Italian personal data protection …
25 September 2020
… in accordance with the General Data Protection Regulation (GDPR). The topics of direct marketing included various … Article 4(11) of the EU General Data Protection Regulation (GDPR), the consent must be a freely given, specific, … the data subjects’ right to object in accordance with the GDPR. In the controller’s view, it has targeted the …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) The passwords of the affected accounts have been … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The controller has notified all data subjects and … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) No particular measures beyond the standard IT security …
5 June 2025
… adopted the final version of its guidelines on Art.48 GDPR about data transfers to third country authorities … the simplification of record-keeping obligation under the GDPR. Data transfers to third country authorities … In its guidelines, the EDPB zooms in on Art. 48 GDPR and clarifies how organisations can best assess under …
13 October 2021
… Reference: Purpose limitation (article 5, par. 1, let. b) GDPR), lawfulness of processing (article 6, par. 1, let. a) GDPR), adequacy of the measures (articles 24, 25 GDPR); SA’s power to request information from controller or …
28 January 2025
… dela och logga in lämnar du efter dig ett digitalt spår. GDPR säkerställer att dina uppgifter endast kan användas på … dela och logga in lämnar du efter dig ett digitalt spår. GDPR säkerställer att dina uppgifter endast kan användas på …
20 January 2023
… (Article 35) Decision: Infringement of the GDPR, Administrative fine, Ban on processing, Order to … limitation principles; infringement of Articles 6 and 7 GDPR; failure to provide the information set out by Articles … to bring processing operations into compliance with the GDPR as for the transparency-related infringements - by …
2 May 2025
… examined the case and found that the provisions of the GDPR had been infringed (Article 6(1) and 9(1)). The Polish DPA concludes that this infringement of the GDPR is of a serious nature. The personal data of the person … data available by the Commander-in-Chief in breach of the GDPR (without a legal basis) during the conference entails …
15 September 2023
… that TikTok Technology Limited (TikTok) infringed the GDPR's principle of fairness when processing personal data … TikTok infringed the principle of fairness under the GDPR. Consequently, the EDPB instructed the IE DPA to … infringement and to order TikTok to comply with the GDPR by eliminating such design practices. The EDPB also …
13 October 2020
… IP address, refers to Art. 6 para. 1 sentence 1 lit. f GDPR. sees the legitimate interest in the processing of … attacks, in particular to meet the requirements of Art. 32 GDPR and § 13 para. 7 TMG. Furthermore, the method aims at … risks" in the sense of Art. 6 para. 1 sentence 1 lit. f GDPR. 3 III. Legal assessment The Brandenburg Commissioner …
14 March 2022
… the data subject (Article 13) Decision: Infringement of the GDPR, administrative fine and reprimand Summary of the … right to inspect their own data in accordance with the GDPR or to give a reason for restricting this right. The … Ombudsman issued the company a reprimand for violating the GDPR and ordered it to change its procedure to comply with …
14 July 2022
… of the rights in the Proposal is not consistent with the GDPR and there is a substantial risk of legal uncertainty … of the different rights between the Proposal and the GDPR.” EDPS Supervisor Wojciech Wiewiórowski said : “ Health … the Commission’s efforts to align the Proposal with the GDPR provisions when personal data is involved, they note …
22 November 2019
… Privacy Shield Guidelines on the Territorial Scope of the GDPR (version following public consultation) Guidelines on … Privacy Shield Guidelines on the Territorial Scope of the GDPR (version following public consultation) Guidelines on …
12 June 2023
… Origin of the case The General Data Protection Regulation, GDPR, entered into force in 2018 and means, among other … information pursuant to article 15.1 a-h and 15.2 of the GDPR that should be provided to the individual making the … violations of articles 12.1, 15.1 a-d, g and 15.2 of the GDPR. IMY has further found that Spotify had failed in its …
5 August 2020
… breach or to mitigate its adverse effects (Art. 33 (3) (d) GDPR) Both the document and the entry were deleted. … or public communi- cation (Art. 34(1) or Art. 34(3) (c) GDPR) The data subjects concerned were informed in writing … the incident occurred, e.g. encryption (Article 34 (3) (a) GDPR) This was not a technical error. 6. Subsequent measures …
… the position in their organisations required by Art. 37-39 GDPR and the resources needed to carry out their tasks. The … all DPOs notified in Liechtenstein pursuant to Art. 37 (7) GDPR. The results of the joint initiative will be analysed … the position in their organisations required by Art. 37-39 GDPR and the resources needed to carry out their tasks. The …
9 June 2020
… to NGOs on Hungarian government decrees Statement on Art 23 GDPR … During its 26th, 28th and 30th plenary session, the … to NGOs on Hungarian government decrees Statement on Art 23 GDPR … EDPB adopted documents - 26th, 28th and 30th plenary …