Search results

From GDPRhub

  • CNPD (Portugal) - Deliberação 2022/1072 (category Article 28(7) GDPR)
    controller €400,000 pursuant of Article 83(4)(a) GDPR for the failure to conduct a DPIA in violation with Articles 35(1), 35(2), and 35(3)(b). The DPA stated that
    163 KB (27,222 words) - 16:54, 6 December 2023
  • OLG Schleswig - 17 U 15/21 (category Article 6(1)(e) GDPR) (section Article 6(1)(e) GDPR)
    entitled to erasure under Article 17(1)(d) GDPR, as the data processing was not lawful. In any case, the requirements of Article 6 GDPR were no longer met 6
    51 KB (8,215 words) - 09:55, 13 May 2022
  • APD/GBA (Belgium) - 31/2020 (category Article 35 GDPR)
    requirement for a DPIA under Article 35 GDPR: The Belgian DPA was satisfied that there was no infringement of Article 35 GDPR, and subsequently no obligation
    48 KB (7,926 words) - 16:56, 12 December 2023
  • OLG Dresden - 4 U 1905/21 (category Article 12(5)(b) GDPR)
    that a controller is allowed to reject a request to access under Article 12(5)(b) GDPR as "excessive" if the request's sole purpose is to verify the validity
    40 KB (6,325 words) - 16:12, 18 May 2022
  • Hoge Raad - 21/00241 (category Article 6(1)(c) GDPR)
    processed on the basis of Article 6(1)(c) GDPR does not have the rights to erasure and objection contained in Article 17 and Article 21 GDPR respectively. This
    29 KB (4,605 words) - 17:00, 15 December 2021
  • APD/GBA (Belgium) - 21/2022 (category Article 35 GDPR) (section Accountability (Article 24 GDPR), data protection by design and by default (Article 25 GDPR), integrity and confidentiality (Article 5(1)(f) GDPR), as well as security of processing (Article 32 GDPR))
    violated Article 30(1) GDPR, as it should have kept more detailed records of processing activities. Data protection impact assessment - Article 35 GDPR The
    429 KB (58,279 words) - 09:12, 2 November 2022
  • HDPA (Greece) - 50/2021 (category Article 35(9) GDPR)
    information in accordance with Article 13 GDPR. In addition, the HDPA found that the Ministry violated the obligation of Article 35(9) GDPR in relation to the expression
    5 KB (548 words) - 09:23, 12 October 2022
  • CNPD (Portugal) - Deliberação 2021/1569 (category Article 83(7) GDPR)
    under Article 5 (1)(e)GDPR, the duty to provide information under Article 13 GDPR, and the obligation to carry out a DPIA under Article 35(3)(b) GDPR. The
    11 KB (1,491 words) - 16:54, 6 December 2023
  • Rb. Rotterdam - C/10/576074/HA RK 19-694 (category Article 15(3) GDPR)
    the documents or files containing their personal data under Article 15(3) GDPR and Article 12 of the ePrivacy Directive. However, there is a right to a
    15 KB (2,504 words) - 16:27, 10 March 2022
  • AKI (Estonia) - 2.1-3/20/347 (category Article 15(1) GDPR)
    the basis of § 35 (1) 9) of the PSA, but in refusing to comply with a request for information, § 35 (1) 5 ) and Point 10 of because § 35 section 1 subsection
    26 KB (4,193 words) - 10:30, 13 December 2023
  • Tietosuojavaltuutetun toimisto (Finland) - 8393/161/2019 (category Article 35 GDPR)
    with Article 5 (1) (a) and Article 6 (1) (f) GDPR. Thus, the controller failed to comply with the accountability principle under Article 5 (2) GDPR. Second
    111 KB (17,604 words) - 13:08, 3 March 2024
  • Datatilsynet (Norway) - 20/02147 (category Article 35 GDPR)
    the lack of security routines, thus breaching Article 32(1)(b) cf. Article 5 GDPR, Article 35 and Article 24(1), respectively. Teachers at two junior high
    24 KB (3,591 words) - 18:57, 5 March 2022
  • APD/GBA (Belgium) - 42/2020 (category Article 4(7) GDPR)
    basis as provided in Article 6.1. GDPR. The Disputes Chamber will determine that the defendants rightly invoke Article 6.1. f) GDPR 7, since the verdict
    30 KB (4,871 words) - 16:58, 12 December 2023
  • Commissioner (Cyprus) - 11.17.001.007.220 (category Article 7(4) GDPR)
    time tracking system, due to a lack of compatibility with Article 7(4) and Article 35(9) of GDPR. KEO PLC decided to upgrade its ERP system, whose upgrade
    56 KB (8,913 words) - 16:52, 6 December 2023
  • APD/GBA (Belgium) - 34/2020 (category Article 5(1)(b) GDPR)
    assessment against the GDPR A. Identification of the controllers involved (Article 4.7 GDPR) 24. In accordance with Article 4.7 GDPR, it must be the controller
    82 KB (13,250 words) - 16:57, 12 December 2023
  • Garante per la protezione dei dati personali (Italy) - 9861249 (category Article 35 GDPR)
    should have applied Article 35 GDPR. In light of the above, the Italian DPA used its corrective powers under Article 58(2)(c) and 83 GDPR and fined the controller
    87 KB (14,104 words) - 15:45, 6 December 2023
  • AP (The Netherlands) - 7.04.2022 (category Article 35(2) GDPR)
    (possible) fraud. This resulted in a breach of Article 5(1)(a) GDPR and Article 6(1) GDPR in conjunction with Article 8 of the Dutch Personal Data Protection
    49 KB (7,201 words) - 17:06, 12 December 2023
  • CJEU - C-683/21 - Nacionalinis visuomenės sveikatos centras (category Article 4(7) GDPR)
    asked whether the joint control of data in accordance with Article 4(7) and Article 26(1) GDPR must be interpreted 'exclusively' as involving deliberately
    9 KB (1,234 words) - 12:48, 25 January 2024
  • HDPA (Greece) - 20/2020 (category Article 2(2)(a) GDPR)
    explanatory statement of the law, Article 10 defines the Authority’s competence in compliance with Article 55 GDPR.Article 55 GDPR provides for a restriction
    29 KB (4,578 words) - 15:35, 6 December 2023
  • Tietosuojavaltuutetun toimisto (Finland) - TSV/35/2022 (category Article 5(1)(a) GDPR)
    a violation of Article 5(1)(b) GDPR. As a result, the DPA issued a reprimand to the controller in accordance with Article 58(2)(b) GDPR. Generally, a controller
    20 KB (2,859 words) - 13:11, 13 March 2024
View ( | ) (20 | 50 | 100 | 250 | 500)
Retrieved from "https://gdprhub.eu/index.php?title=Special:Search"
Creative Commons Attribution-NonCommercial-ShareAlike
Powered by MediaWiki