Search results
From GDPRhub
- Tietosuojavaltuutetun toimisto (Finland) - 8493/161/21 (category Article 12(2) GDPR)the controller had violated Article 5(1)(a) GDPR, Article 12 GDPR, Article 13 GDPR, Article 15 GDPR and Article 25(1) GDPR. As a result, the DPA issued52 KB (7,936 words) - 22:32, 2 March 2024
- APD/GBA (Belgium) - 149/2023 (category Article 13(2) GDPR)of article 4.19 of the GDPR – (article 13.1. c) of the GDPR) and does not mention the data retention periods personal data processed (article 13.2. a)113 KB (17,325 words) - 08:50, 19 March 2024
- Tietosuojavaltuutetun toimisto (Finland) - 3216/452/17 (category Article 9(2)(a) GDPR)violated Article 5(1)(a) GDPR, Article 5(1)(c) GDPR, Article 9 GDPR and Article 25(2) GDPR. As a result, and in accordance with Article 58(2)(d) GDPR, the60 KB (9,117 words) - 14:46, 24 January 2024
- CJEU - C‑634/21 - SCHUFA (category Article 22(2)(b) GDPR)meaning of Article 22(1) of that regulation.’ Moreover, the Court addressed the relationship between Article 22(2)(b) GDPR and national law. Article 22(2)(b)6 KB (783 words) - 16:05, 12 December 2023
- BVwG - W211 2210458-1/10 (category Article 2(1) GDPR)2019, BVwerG 6 C 2.18 "It follows that the opening clauses of Article 6.2 and 6.3 GDPR for processing operations under Article 6.1(1)(e) GDPR do not cover92 KB (15,435 words) - 16:00, 22 March 2022
- HDPA (Greece) - 4/2020 (category Article 5(2) GDPR)parent's request, thus violating Article 15(1) and (4) GDPR as well as the principle of accountability pursuant to Article 5(2) GDPR. The complainant requested18 KB (2,865 words) - 15:33, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9574709 (category Article 58(2)(d) GDPR)Moreover, the information provided as per Article 13 GDPR were not compliant with the requirements of Article 12 GDPR in light of the fact that TikTok services17 KB (2,519 words) - 15:55, 6 December 2023
- VG Wiesbaden - 6 K 788/20.WI (category Article 4(4) GDPR)decision within the meaning of Article 22(1) and Article 22(2) GDPR - then the opening clause of Article 22(2)(b) GDPR does not apply to national rules52 KB (8,534 words) - 12:58, 15 December 2021
- CJEU - C-667/21 - Krankenversicherung Nordrhein (category Article 9(2)(h) GDPR)processing of data concerning health laid down in Article 9(1) GDPR is possible under Article 9(2)(h) GDPR) in a case such as the present one, are there further14 KB (1,916 words) - 16:03, 2 February 2024
- DSB (Austria) - D124.1177/0006-DSB/2019 (category Article 9(2)(j) GDPR) (section Article 17(1)(d) GDPR)Articles 5(1)(b) and (e), 9(2)(j), 89(1) GDPR and Section 7(1)(1) and (2)(1) GDPR. In particular, it follows from Article 9(2)(j) GDPR that the processing of31 KB (4,648 words) - 13:56, 12 May 2023
- HDPA (Greece) - 19/2020 (category Article 5(2) GDPR)previous relationship with her. The HDPA held that according to the GDPR and Article 11 of L. 3471/2006, in electronic political communication a politician2 KB (168 words) - 15:35, 6 December 2023
- BVwG - W245 2252208-1/36E and W245 2252221-1/30E (category Article 46(2)(c) GDPR)(VWA ./05, see point II.2), the XXXX (VWA ./06, see point II.2) and a certificate of representation (VWA ./07, see point II.2). I.2. As a result, the BA continued158 KB (26,392 words) - 08:25, 7 June 2023
- HDPA (Greece) - 31/2020 (category Article 4(2) GDPR)DPA held that a CCTV system shall be handled as subject to Article 4(1) and Article 4(2) of GDPR Regulation. That judgment does not mean that any CCTV surveillance6 KB (719 words) - 15:36, 6 December 2023
- Datatilsynet (Norway) - 21/03530 (category Article 58(2)(f) GDPR)by the EDPB pursuant to Article 66(2) GDPR. Temporary ban on processing (order) Pursuant to Article 66(1) GDPR and 58(2)(f) GDPR the Norwegian DPA consequently99 KB (14,431 words) - 16:20, 6 December 2023
- HDPA (Greece) - 3/2022 (category Article 58(2)(f) GDPR)the meaning of Article 4(7) GDPR. Furthermore, the erasure or destruction of personal data is a form of processing based on Article 4(2) GDPR. The DPA has11 KB (1,492 words) - 13:09, 23 November 2022
- APD/GBA (Belgium) - 06/2019 (category Article 58(2)(i) GDPR)c), Article 6.1., Article 13.1. c), Article 13.1. c), Article 13.1. e) and Article 13.2. a) of the DGPS pursuant to Article 101 of the ICA, to impose20 KB (3,137 words) - 16:51, 12 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - TSV/26/2020 (category Article 25(2) GDPR)violated Article 5(1)(e) GDPR and Article 25(2) GDPR. As a result, the DPA issued a reprimand to the controller in accordance with Article 58(2)(b) GDPR. Pursuant77 KB (12,352 words) - 07:20, 23 April 2024
- The heading of Article 6(1) and the wording “has given” in Article 6(1)(a) support this interpretation. It follows logically from Article 6 and Recital65 KB (9,767 words) - 16:22, 6 December 2023
- AEPD (Spain) - EXP202203969 (category Article 6(1) GDPR)” Regarding section k) of article 83.2 of the GDPR, the LOPDGDD, article 76, "Sanctions and corrective measures", provides: "2. In accordance with the provisions45 KB (7,135 words) - 13:08, 13 December 2023
- LG Krefeld - 2 O 448/20 (category Article 15(1) GDPR)regarded as an access request under Article 15(1) GDPR. According to Recital 63 GDPR, the right of access under Article 15 GDPR serves data subjects to be informed17 KB (2,758 words) - 14:10, 15 December 2021