Search results
From GDPRhub
- IMY (Sweden) - DI-2020-11368 (category Article 44 GDPR)pénalité), C-439/19, EU:C:2021:504, paragraph 61, judgment Nowak, C-434/16, EU:C:2017:994, paragraph 33 and judgment Rijkeboer, C-553/07, EU:C:2009:293,115 KB (12,842 words) - 08:38, 5 July 2023
- Personvernnemnda (Norway) - 2021-18 (20/02059) (category Article 17(1)(c) GDPR)around the processing of personal data subject to Article 10 GDPR. Pursuant to Article 6(1)(f) GDPR, the Privacy Appeals Board conducted a balancing test36 KB (5,859 words) - 06:40, 6 July 2022
- BVwG - W214 2233132-1/13E (category Article 15(1)(c) GDPR)under Article 77 GDPR was very clear and limited in scope. However, the DSB went on to assert a violation of Article 12 GDPR and Article 15(1)(h) GDPR, acting47 KB (7,519 words) - 09:28, 13 February 2024
- APD/GBA (Belgium) - 149/2023 (category Article 7(3) GDPR)meaning of article 4.19 of the GDPR – (article 13.1. c) of the GDPR) and does not mention the data retention periods personal data processed (article 13.2.113 KB (17,325 words) - 08:50, 19 March 2024
- FG München - Auskunftsanspruch nach Art. 15 DSGVO (category Article 15(3) GDPR)DSGVO/BDSG , Article 15 paragraph 33; Schaffland/Holthaus in Schaffland/Wiltfang, GDPR, Article 15 GDPR paragraph 44; loc. A. Härting, CR 2019, 219). 136 (3) In97 KB (16,519 words) - 09:57, 22 February 2023
- AEPD (Spain) - E/00739/2021 (category Article 12(5) GDPR)exercising their rights in bad faith. The AEPD brought forward Article 12(5) GDPR, as well as Article 7 of the Spanish Civil Code, that states that rights must29 KB (4,607 words) - 13:38, 13 December 2023
- AEPD (Spain) - E/03884/2020 (category Article 2(1) GDPR)outside the material scope of the GDPR. Also, with regards to the definition of personal data from Article 4(1) GDPR, the DPA did not reach a firm conclusion56 KB (8,737 words) - 09:35, 26 May 2021
- EDPB - Binding Decision 2/2022 - 'Instagram' (category Article 5(1)(c) GDPR)additional submissions regarding Article 83(3) GDPR (“Meta IE Submissions on Article 83(3) GDPR”). December 2021 On3December2021,theIESAshareditsDraftDecisionwiththeCSAs276 KB (38,206 words) - 09:46, 20 January 2023
- HDPA (Greece) - 51/2021 (category Article 22 GDPR)more details. Article 2: Substantive scope Article 2.2.c: Exclusively personal or domestic activity Article 3: Territorial scope Article 4.1: Personal9 KB (1,168 words) - 15:30, 6 December 2023
- APD/GBA (Belgium) - 31/2020 (category Article 5(1)(c) GDPR)this case under Article 6(1)(a) or 6(1)(c)? If Article 6(1)(a) applies, do the requirements for parental consent under Article 8 GDPR also apply? Did the48 KB (7,926 words) - 16:56, 12 December 2023
- Datatilsynet (Denmark) - 2019-441-1578 (category Article 34 GDPR)and at least contain the information and measures referred to in Article 33 (2). 3 (b), (c) and (d). The deadline for compliance is January 7, 2020 . The21 KB (2,901 words) - 16:37, 6 December 2023
- LAG Hessen - 9 Sa 1431/19 (category Article 15(1) GDPR)purpose limitation in accordance with Article 5 Paragraph 1 Letter b GDPR (Paal/Pauly/Paal, 3rd edition 2021, GDPR Article 15 Rn. 24). The plaintiff has a right32 KB (5,093 words) - 16:07, 11 September 2022
- RvS - 201901006/1/A2 (category Article 79 GDPR)currently enshrined in Article 47 of the Charter (judgments of the Court of Justice of 18 March 2010, C-317/08, C-318/08, C-319/08 and C-320/08, Alassini and34 KB (5,179 words) - 07:10, 7 April 2020
- Garante per la protezione dei dati personali (Italy) - 9446730 (category Article 58(2)(c) GDPR)to the GDPR, imposed a fine in the amount of € 10.000 and ordered Cavauto srl. to communicate the proposed changes in view of compliance with GDPR. The Italian34 KB (5,420 words) - 15:51, 6 December 2023
- RvS - 201902417/1/A2 (category Article 6(1)(e) GDPR)currently enshrined in Article 47 of the Charter (judgments of the Court of Justice of 18 March 2010, C-317/08, C-318/08, C-319/08 and C-320/08, Alassini and37 KB (5,721 words) - 12:41, 16 September 2021
- CNPD (Luxembourg) - Délibération n° 13FR/2023 (category Article 5(1)(b) GDPR)their employees. The DPA found a violation of Article 5(1)(b) GDPR, Article 5(1)(c) GDPR and Article 13 GDPR. Following a visit to the premises of two public96 KB (13,984 words) - 16:57, 6 December 2023
- Datatilsynet (Norway) - 20/01879 (category Article 24 GDPR)highly sensitive personal data exposed, thus breaching Article 32(1)(b) GDPR and Article 32(2), cf. Article 24. An employee in a municipal health care center30 KB (4,302 words) - 18:53, 5 March 2022
- publication of the press release of 17 June 2020 infringed Article 54(2) GDPR and Article 48(1) and Article 64(3) WOG. This press release described that the DPA was206 KB (30,485 words) - 09:54, 14 December 2023
- CNPD (Luxembourg) - Délibération n° 21FR/2021 (category Article 5(1)(c) GDPR)company was not compliant with Article 13 GDPR. The CNPD held that the controller infringed Article 5(1)(c) GDPR and Article 13 GDPR and decided to: - impose52 KB (7,520 words) - 13:13, 20 July 2021
- APD/GBA (Belgium) - 74/2020 (category Article 6(1)(f) GDPR)within the meaning of Article 26 GDPR, as determined in section 2.3. 135. The legal provision on data protection by design, Article 25 GDPR, states expressly82 KB (12,100 words) - 17:01, 12 December 2023