Search results | European Data Protection Board

Twilio
1 July 2018
… Clients, customers Suppliers, service providers Pre-GDPR Yes … Twilio …
Giesecke + Devrient GmbH
1 July 2018
… Clients, customers Suppliers, service providers Pre-GDPR Yes … Giesecke + Devrient GmbH …
Giesecke + Devrient GmbH
1 July 2018
… Clients, customers Suppliers, service providers Pre-GDPR Yes … Giesecke + Devrient GmbH …
Finnish DPA imposes administrative fine for several deficiencies in personal data processing
4 June 2020
News
… compliance of the related personal data processing with the GDPR. The Deputy Data Protection Ombudsman ordered the … failed to conduct the impact assessments required by the GDPR before the start of processing. Data protection impact … that the processing of audio data was not in line with the GDPR’s principle of data minimisation. She ordered Taksi …
Administrative fine imposed on psychotherapy centre Vastaamo for data protection violations
5 January 2022
News
… Accountability (Art. 5(2)) Decision: Infringement of the GDPR, administrative fine and reprimand Key words: personal … Ombudsman issued Vastaamo a reprimand on violating the GDPR. The sanctions board of the Office of the Data … Accountability (Art. 5(2)) Decision: Infringement of the GDPR, administrative fine and reprimand Key words: personal …
European Data Protection Board - 40th Plenary session: Guidelines on Data Protection by Design & Default, Coordinated Enforcement Framework, Letter on Copyright Directive
21 October 2020
News
… by Design and by Default (DPbDD) as set forth in Art. 25 GDPR. The core obligation enshrined in Art.25 is the … purpose, while applying all the other principles of the GDPR. The EDPB further highlighted that it is in continuous … by Design and by Default (DPbDD) as set forth in Art. 25 GDPR. The core obligation enshrined in Art.25 is the …
Spanish Data Protection Authority (AEPD) imposes fine of 70.000 EUR on XFERA MOVILES
18 August 2020
News
… of confidentiality, established in Article 5(1)(f) of the GDPR. You can read the text of the decision here . For … of confidentiality, established in Article 5(1)(f) of the GDPR. You can read the text of the decision here . For …
The Norwegian SA fines Krokatjønnvegen 15 AS
20 January 2023
News
… of processing (Article 6) Decision: Infringement of the GDPR, Administrative fine and Order to comply Key words: … of processing (Article 6) Decision: Infringement of the GDPR, Administrative fine and Order to comply Key words: …
Polish SA: administrative fine of 262 500 € for hidden video surveillance in neonatology department and failure to implement appropriate security measures
2 May 2025
News
… Article 6(1), 9(1) in relation with Article 13(1,2) of the GDPR and a fine of 105 000 € for infringement of Articles 24(1), 25(1,) and 32(1,2) of the GDPR. Total amount of imposed fine on Centrum Medyczne … Article 6(1), 9(1) in relation with Article 13(1,2) of the GDPR and a fine of 105 000 € for infringement of Articles …
Polish SA: administrative fine of 5 625 € for failure to implement appropriate technical and organisational measures to ensure security
6 February 2025
News
… data in compliance with the principles expressed in the GDPR. Losing a laptop is losing a laptop represents an … ZHP for infringement of Articles 5, 24, 25 and 32 of the GDPR. Chorągiew was ordered to implement appropriate data … data in compliance with the principles expressed in the GDPR. Losing a laptop is losing a laptop represents an …
Norwegian DPA issues reprimand to Telenor for inadequate protection of personal data
12 February 2021
News
… have been breached: Violation of Article 32 (1) of the GDPR, by failing to implement appropriate technical and … appropriate to the risk. Violation of Article 33 of the GDPR, by failing to notify the personal data breach to the … have been breached: Violation of Article 32 (1) of the GDPR, by failing to implement appropriate technical and …
Norsk Hydro
1 July 2018
… of the Group’s respective regular business activities. Pre-GDPR Yes … Norsk Hydro …
ATOS
1 July 2014
… of the Group’s respective regular business activities Pre-GDPR Yes … ATOS …
ATOS
1 July 2014
… of the Group’s respective regular business activities Pre-GDPR Yes … ATOS …
Camera surveillance during daytime is justified at Swedish school to prevent fires
3 October 2023
News
… of personal data pursuant to Article 6(1)(c) of the GDPR. However, the national legal regulation may form the basis for the processing under Article 6(1)(e) GDPR. IMY concluded that fires are serious and can pose a … of personal data pursuant to Article 6(1)(c) of the GDPR. However, the national legal regulation may form the …
Polish SA: administrative fine of EUR 1 170 for Social Welfare Centre and EUR 2 341 EUR for Mayor of Aleksandrów for ignoring the risk of ransomware attack
25 September 2025
News
… Article 24 (1), 25 (1), 28 (1) 32 (1,2), and 33 (1) of the GDPR, as well as on Mayor of Aleksandów an administrative … 32 (1,2) in connection with Article 28 (3)(c,f) of the GDPR. For further information: • National press release: … Article 24 (1), 25 (1), 28 (1) 32 (1,2), and 33 (1) of the GDPR, as well as on Mayor of Aleksandów an administrative …
Intel Corporation
1 July 2012
… as part of the Group’s regular business activities Pre-GDPR Yes … Intel Corporation …
DSM
1 July 2014
… of the Group’s respective regular business activities Pre-GDPR Yes … DSM …
Kongsberg
1 July 2018
… of the Group’s respective regular business activities. Pre-GDPR Yes … Kongsberg …
Yara
1 July 2018
… of the Group’s respective regular business activities. Pre-GDPR Yes … Yara …