Search results
From GDPRhub
- NAIH (Hungary) - NAIH-2020-2546-5 (category Article 5(1)(c) GDPR)out in Article 6 (1) of the GDPR In addition, there is a circumstance within the meaning of Article 9 (2) of the GDPR. (45) Article 9 (2) of the GDPR does72 KB (11,159 words) - 10:09, 17 November 2023
- Tietosuojavaltuutetun toimisto (Finland) - 4359/163/2018 (category Article 58(2)(c) GDPR)ten years from the end of the financial year. Further, under Chapter 2, Section 10 (2) of the Accounting Act, unless otherwise provided by law, records for15 KB (2,249 words) - 13:05, 3 March 2024
- APD/GBA (Belgium) - 24/2021 (category Article 35(2) GDPR)the basis of article 6.1 e) GDPR read together with articles 5.2 GDPR and 24.1 GDPR. 3) Violation of Articles 12.1, 12.6, 13.1 and 13.2 GDPR: the Inspection110 KB (18,238 words) - 16:56, 12 December 2023
- AEPD (Spain) - PS/00189/2020 (category Article 58(2) GDPR)Regarding section k) of article 83.2 of the RGPD, the LOPDGDD, article 76, “Sanctions and corrective measures ”, provides: "2. In accordance with the provisions22 KB (3,343 words) - 14:08, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9440075 (category Article 6(2) GDPR)art. 5 and 6 of the GDPR? The DPA held that Regione Campania violated art 5(1)(a)(c), art. 6(1)(c)(e), art. 6(2) and art. 6(3)(b) GDPR, and concluded that27 KB (4,339 words) - 15:50, 6 December 2023
- Datatilsynet (Norway) - 20/02291 (category Article 5(2) GDPR)patient data cf. Article 32 GDPR and Article 5(1)(f) GDPR and inadequate internal controls cf. Article 24 GDPR and Article 5(2) GDPR. Østfold Hospital45 KB (6,645 words) - 14:40, 28 March 2022
- Tietosuojavaltuutetun toimisto (Finland) - 3425/157/2019, 3578/157/2019, 3846/157/2019, 3871/157/2019, 3891/152/2019, 3918/157/2019, 4338/157/2019, 4666/154/2019, 5973/157/2019, 6773/157/2019 ja 7022/157/2019 (category Article 58(2)(c) GDPR)subjects had not suffered any financial harm. Furthermore, as per Article 58(2)(c) and (d) GDPR, the DPA ordered the controller to comply with the data subjects’4 KB (359 words) - 13:03, 3 March 2024
- Garante per la protezione dei dati personali (Italy) - 9542155 (category Article 5(2) GDPR)Authority of Bologna for violation of Articles 5(2)(f) and 9 GDPR. On the basis of Articles 58(2)(i) and 83 GDPR, the Garante imposed a fine of € 18 000 on the26 KB (4,162 words) - 15:54, 6 December 2023
- APD/GBA (Belgium) - 61/2020 (category Article 5(1)(d) GDPR)this regard within the meaning of Article 2 (2) point d) GDPR. Whichcertain officials of the defendant under Article 5, §2 of the Second Ordinanceare appointed41 KB (6,354 words) - 16:59, 12 December 2023
- AEPD (Spain) - PS/00029/2020 (category Article 58(2)(b) GDPR)under Article 58(2)(b) GDPR. The Authority ordered the Health Service to carry out a DPIA and bring its processing operations in line with the GDPR within44 KB (6,943 words) - 13:49, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 13FR/2023 (category Article 5(1)(b) GDPR)employees. The DPA found a violation of Article 5(1)(b) GDPR, Article 5(1)(c) GDPR and Article 13 GDPR. Following a visit to the premises of two public bodies (the96 KB (13,984 words) - 16:57, 6 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 8393/161/2019 (category Article 5(2) GDPR)with Article 5 (1) (a) and Article 6 (1) (f) GDPR. Thus, the controller failed to comply with the accountability principle under Article 5 (2) GDPR. Second111 KB (17,604 words) - 13:08, 3 March 2024
- AEPD (Spain) - PS/00220/2020 (category Article 83(2)(b) GDPR)significant negligent action (Article 83(2)(b) GDPR) and that basic personal identifiers were affected (Article 83(2)(g) GDPR). The economic volume of the28 KB (4,295 words) - 14:11, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9435807 (category Article 58(2)(d) GDPR)the Company, pursuant to Article 58, paragraph 2, letter i), of the Regulation, Article 166, paragraph 7, of the Code and Article 18 of Law no. 689/198158 KB (9,448 words) - 15:50, 6 December 2023
- Commissioner (Cyprus) - 11.17.001.009.232 (category Article 58(2) GDPR)breaching Article 12(3) GDPR, since it failed to notify the data subject that her erasure request was satisfied, as well as Article 24(1) GDPR, given that17 KB (2,515 words) - 11:17, 6 February 2024
- DSB (Austria) - 2020-0.111.488 (category Article 9(2) GDPR)publication of their data under Article 9(2)(a) GDPR and there was no other legal basis for the processing under Article 9(2) GDPR. Consequently, the DSB issued8 KB (1,048 words) - 13:50, 12 May 2023
- APD/GBA (Belgium) - 72/2020 (category Article 9(2) GDPR)lawfulness (section 2.2 below) and purpose (section 2.3 below). Finally, it will address the issue of the sanction (section 2.4 below) 2.1 Applicable Law34 KB (5,677 words) - 17:00, 12 December 2023
- CNPD (Luxembourg) - Délibération n° 38FR/2021 (category Article 38(2) GDPR)analyzes the criteria set by Article 83.2 of the GDPR: - As to the nature and seriousness of the violation [article 83.2 a) of the GDPR], with regard to breaches81 KB (11,895 words) - 16:58, 6 December 2023
- DSB (Austria) - D550.038/0003-DSB/2018 (category Article 5(1)(a) GDPR)conjunction with Article 62 (1) 4 DSG and for the period prior to 25 May 2018 against Article 52 Paragraph 2 no. 7 in conjunction with § 50b par. 2 DSG 2000.31 KB (5,161 words) - 14:02, 12 May 2023
- Tietosuojavaltuutetun toimisto (Finland) - 4282/161/21 (category Article 32(2) GDPR)controller had violated Article 5(1)(f) GDPR, Article 17(1) GDPR, Article 25(1) GDPR, Article 32(1) GDPR and Article 32(2) GDPR. As a result, the DPA issued56 KB (8,980 words) - 08:47, 4 March 2024