Search results
From GDPRhub
- AEPD (Spain) - PS/00505/2021 (category Article 6(1) GDPR)administrative fine to be imposed, observe the provisions contained in articles 83.1 and 83.2 of the RGPD, which point out: "1. Each control authority will guarantee28 KB (4,283 words) - 09:43, 24 March 2022
- AEPD (Spain) - PS/00140/2022 (category Article 13 GDPR)on a large scale. Despite The GDPR does not define what is meant by large-scale processing, both the recital 91 of the GDPR as the Working Party of article151 KB (23,196 words) - 05:40, 9 May 2023
- APD/GBA (Belgium) - 158/2022 (category Article 6 GDPR)July 2021. 7GDPR, Art. 12. 8 GDPR, Art. 12.2 and 12.3. 9GDPR, Art. 12.3. 1 GDPR, Art. 12.3. 1 GDPR, Art. 12.4. Decision 158/2022 - 6/13 26. Secondly, it42 KB (6,128 words) - 12:47, 16 November 2022
- AEPD (Spain) - PS/00140/2021 (category Article 5 GDPR)fine to be imposed, it is mandatory refer to the provisions of articles 83.1 and 83.2 of the RGPD, provisions that establish: "Each control authority will28 KB (4,254 words) - 11:30, 16 June 2021
- Garante per la protezione dei dati personali (Italy) - 9815931 (category Article 31 GDPR)held that a fine was necessary. The DPA held that, with reference to Recital 148 GDPR, the infringement could not be regarded as 'minor'. Having regard to30 KB (4,724 words) - 13:41, 2 November 2022
- APD/GBA (Belgium) - 149/2023 (category Article 5(1)(a) GDPR)of the GDPR – (article 13.1. c) of the GDPR) and does not mention the data retention periods personal data processed (article 13.2. a) of the GDPR more precisely);113 KB (17,325 words) - 08:50, 19 March 2024
- AEPD (Spain) - PS/00324/2021 (category Article 5(1)(c) GDPR)personal data from Article 9 GDPR. According to the AEPD, even if the controller may had relied on the exemption on Article 9 GDPR(2)(f), since the data were29 KB (4,546 words) - 17:47, 7 January 2022
- AEPD (Spain) - PS-00446-2023 (category Article 6(1) GDPR)article 83.5 a) of the GDPR. SAW In order to establish the administrative fine that should be imposed, they must The provisions contained in articles 83.1 and34 KB (5,141 words) - 09:28, 8 March 2024
- Garante per la protezione dei dati personali (Italy) - 9938463 (category Article 5(1)(d) GDPR)invitation to comply, breaching Article 12 GDPR, Article 15 GDPR, Article 16 GDPR, Article 17 GDPR and Article 18 GDPR. Thus, due to the aformentioned breaches73 KB (11,856 words) - 13:54, 25 October 2023
- VG Ansbach - AN 14 K 19.01274 (category Article 77 GDPR)review under Article 78 GDPR. The disputed infringement occurred before the GDPR came into legal force according to Article 99 GDPR. Therefore, the data subject's35 KB (5,807 words) - 14:24, 12 October 2022
- UODO (Poland) - DKN.5131.22.2021 (category Article 5(1)(f) GDPR)sec. 1 lit. a) and h), art. 58 sec. 2 lit. i), art. 83 sec. 1 - 3, art. 83 sec. 4 lit. a), art. 83 sec. 5 lit. a) in connection with Art. 5 sec. 1 lit68 KB (10,909 words) - 14:47, 25 October 2021
- AEPD (Spain) - PS/00188/2021 (category Article 6(1) GDPR)of the offense typified in the article 83.5.a) of the aforementioned Regulation 2016/679. In this sense, Recital 40 of the RGPD states: "(40) For the treatment33 KB (5,242 words) - 11:42, 11 August 2021
- UOOU (Czech Republic) - UOOU-01025/20-121 (category Article 5 GDPR)basis under Article 6(1) GDPR and in violation of transparency obligations in the privacy policy under Article 5(1)(a) and 13 GDPR. The DPA in the first instance246 KB (39,598 words) - 09:26, 24 April 2024
- AEPD (Spain) - EXP202102433 (category Article 5(1)(f) GDPR)alleged violation of articles 32.1 and 5.1.f) of the GDPR, typified in article 83.4.a) and 83.5.a) of the GDPR, with warning. Receipt by the claimant of the agreement35 KB (5,473 words) - 05:14, 26 April 2023
- VwGH - Ro 2020/04/0031-9 (category Article 6(1)(f) GDPR)1 lit. c GDPR. It cannot be deduced from Section 256 IO that Insolvency data (at all) also based on other permitted circumstances Art. 6 GDPR may no longer74 KB (10,458 words) - 14:49, 27 March 2024
- AEPD (Spain) - PS/00368/2021 (category Article 6(1) GDPR)required by Article 13 GDPR. Furthermore, the AEPD, highlighted that the RFEF did not provide the information required by Article 13(3) GDPR about further processing246 KB (41,139 words) - 14:25, 24 November 2022
- IMY (Sweden) - IMY-2022-9109 (category Article 12(2) GDPR)controller was in breach of Article 12(2) GDPR. The DPA found that the infringements were minor pursuant to Recital 148, because (1) the infringements found65 KB (7,759 words) - 10:10, 30 April 2024
- VGH Baden-Württemberg - 1 S 397/19 (category Article 5(1)(d) GDPR)Article 16 sentence 1 GDPR is the legal basis for a request for rectification, even if the request has been submitted before the GDPR entered into force:112 KB (19,310 words) - 08:08, 23 June 2022
- Tietosuojavaltuutetun toimisto (Finland) - 1150/161/2021 (category Article 83 GDPR)that the firm had violated Articles 33(1) GDPR (notification of data breaches to the DPA) and Article 34(1) GDPR (communication of data breaches to data153 KB (24,570 words) - 15:11, 26 March 2024
- Garante per la protezione dei dati personali (Italy) - 9864063 (category Article 5(1)(b) GDPR)in breach of Articles 5(1)(a) and 6 GDPR. Finally, the Italian DPA found a violation of Article 25(1) and (2) GDPR because the controller had not adopted152 KB (24,743 words) - 14:39, 21 March 2023