Search results

processing special categories of data, cf. Article 32(1)(b) GDPR, Article 32(1)(d), Article 24 and Article 35, cf. Article 5. In May 2019, a municipality reported

their employees. The DPA found a violation of Article 5(1)(b) GDPR, Article 5(1)(c) GDPR and Article 13 GDPR. Following a visit to the premises of two public

violating Article 5(1)(c) and Article 5(1)(e) GDPR. The DPA of Berlin fined Deutsche Wohnen SE for violating Article 5(1)(c) and Article 5(1)(e) GDPR, because

outside the material scope of the GDPR. Also, with regards to the definition of personal data from Article 4(1) GDPR, the DPA did not reach a firm conclusion

specific categories of information in Article 8 (1) and (5) of Directive 95/46 or in Article 9 (1), Article 10 (1) and Article 10 of Regulation 2016/679, the

of Chapter V GDPR. The complaint was transferred to the Swedish DPA in its quality of lead supervisory authority pursuant to Article 56 GDPR. Following the

controls, has a date (21.5.2018) subsequent to the date on which the complainant's computer was accessed (16.5.2018) (note 1.3.2019, p. 4-5). 1.4. On 17 May 2019

controller) under Article 33 GDPR. On the 7 December 2023, the Norwegian DPA imposed a reprimand on the municipality under Article 58(2)(b) GDPR, for processing

in the plublic interest, under the data minimisation principle and Article 6(1)(e) GDPR. A citizen requested the deletion of their personal data into the

other things, article 4 paragraph 1 SUWI and the ZBO register of the Dutch central government. See article 2 paragraph 2 SUWI and article 4 paragraph 1

violations (Article 33 of Regulation 2016/679), procedures for reporting data protection breaches to the supervisory authority (Article 33 (3) of Regulation

and annulled that decision, in so far as it did not award any compensation. 5. 5. [Appellant] claims to be entitled to higher compensation than € 300.00.

education) complied with Article 5(1)(c) of the Data Protection Regulation (minimization of data) and the provisions of Article 5(2) and Article 25(1) and (2) when

that a controller is allowed to reject a request to access under Article 12(5)(b) GDPR as "excessive" if the request's sole purpose is to verify the validity

conjunction with Article 56(5), read in conjunction with Article 56(6), read in conjunction with Article 56(7), read in conjunction with Article 56(8). in conjunction

patient data cf. Article 32 GDPR and Article 5(1)(f) GDPR and inadequate internal controls cf. Article 24 GDPR and Article 5(2) GDPR. Østfold Hospital

information [...]". 5. Because according to the above article 17 of the GDPR, as it has been interpreted according to the content of the Guidelines 5/2019 of the

given that Article 6(1), Article 5(1)(a), Article 5(1)(d), Article 5(1)(c), and Article 14 GDPR were infringed in connection to Article 5(1)(b), the AEPD

defendant on the basis of Article 100.1, 5 ° LCA given the breach noted in Article 6 of the GDPR combined with Article 5.1.a) of GDPR; - To dismiss the remainder

the fine, the criteria specified in the same article 83. 111. Article 83 of the GDPR, as referred to in Article 20, paragraph III, of the Data Protection