Search results
From GDPRhub
- NAIH (Hungary) - NAIH/2020/974/4 (category Article 5(2) GDPR)Pursuant to Article 2 (2), the General Data Protection Regulation shall apply with the additions indicated therein. Pursuant to Article 2 (2) of the General67 KB (10,815 words) - 10:11, 17 November 2023
- ANSPDCP (Romania) - SC C&V Water Control SA (category Article 58(2)(i) GDPR)Control SA violated the GDPR. The DPA highlighted that failing to provide such information upon request was in breach of Article 83(5)(e) in conjuncture3 KB (351 words) - 15:21, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 2984/182/2019 (category Article 25(2) GDPR)complied with the principle of data minimization as per Article 5 (1) (c) and Article 25 (2) GDPR? The Finnish DPA held that the controller has not complied17 KB (2,614 words) - 13:05, 3 March 2024
- UODO (Poland) - ZSOŚS.421.25.2019 (category Article 5(2) GDPR)5 sec. 2, art. 25 sec. 1, art. 32 sec. 1 lit. b, art. 32 sec. 1 lit. d, art. 32 sec. 2, art. 38 sec. 1, art. 39 sec. 1 lit. b and art. 39 sec. 2 of the156 KB (25,012 words) - 10:01, 17 November 2023
- CNPD (Portugal) - Deliberação 2022/140 (category Article 13(2) GDPR)violation of Article 5(1)(f) GDPR and a fine of €100,000 for the violation of Article 37 GDPR. The DPA issued a reprimand for the violations of Article 5(1)(e)75 KB (12,306 words) - 10:02, 21 December 2022
- HDPA (Greece) - 7/2024 (category Article 58(2)(c) GDPR)complete, clear and reasonably certified pursuant to both Article 58(2) GDPR. and Article 21 of N. 2472/1997. Notably, the DPA focused only on the portion7 KB (795 words) - 12:05, 5 April 2024
- Datatilsynet (Norway) - 20/02274 (category Article 5(2) GDPR)fundamental principles of the GDPR, notably Article 5(1)(a) and (e) GDPR. The DPA found violations of various provisions of the GDPR. It held that the controller47 KB (7,661 words) - 18:54, 5 March 2022
- VGH München – 11 ZB 19.991 (category Article 5(1)(b) GDPR)also be subject to the provisions of Article 6.1(e) DSGVO in conjunction with Article 6.1(b) DSGVO. Article 2, 28.2 no. 2 BayDSG without the consent of the31 KB (5,184 words) - 17:19, 15 April 2023
- Court of Appeal of Brussels - 2021/AR/163 (category Article 83 GDPR)have entered into a breacha / 'article 14.1-2 combined' article 12.3, article 6, article 5.1, c) and articles 5.2 and 24.1-2 of the RGPO. It is therefore72 KB (11,389 words) - 08:59, 20 August 2021
- AEPD (Spain) - EXP202104873 (category Article 5(1)(f) GDPR)for the alleged violation of Article 5.1.f) of the GDPR and Article 32 of the GDPR, typified in Article 83.5 of the GDPR. FIFTH: Notified of the aforementioned24 KB (3,512 words) - 10:43, 13 December 2023
- Persónuvernd - 2020051604 (category Article 2 GDPR)within the meaning of Paragraph 3. Article 3 Act no. 90/2018. 2. Answers to questions from the Directorate of Labor 2.1. First of all, the Directorate of13 KB (1,930 words) - 09:33, 13 May 2022
- ANSPDCP (Romania) - Sanatatea Press Group S.R.L. (category Article 32(2) GDPR)had breached its obligations under Articles 5(1)(f), as well as 32(1) and (2). As a consequence, the ANSPDCP issued an administrative fine of €2000 against4 KB (422 words) - 15:20, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9256486 (category Article 4 GDPR)accountability (Article 5 (2) and 24 (1), (2) GDPR), privacy by design (Article 25 (1) GDPR) and as controller towards its data processors (Article 28 GDPR). Consequently144 KB (23,155 words) - 15:46, 6 December 2023
- AEPD (Spain) - PS/00114/2019 (category Article 6(1) GDPR)third parties (article 83.2.k, of the RGPD in relation to article 76.2.b, of the LOPDGDD) The continued nature of the infraction (article 83.2.k of the RGPD60 KB (10,197 words) - 14:01, 13 December 2023
- AEPD (Spain) - EXP202200471 (category Article 5(1)(f) GDPR)the violation of Article 5(1)(f) GDPR and €30,000 for the violation of Article 32 GDPR. According to the national legislation (Article 76(2)(b) LOPDGDDon40 KB (6,014 words) - 13:21, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 21FR/2021 (category Article 5(1)(c) GDPR)company was not compliant with Article 13 GDPR. The CNPD held that the controller infringed Article 5(1)(c) GDPR and Article 13 GDPR and decided to: - impose52 KB (7,520 words) - 13:13, 20 July 2021
- AZOP (Croatia) - Decision 08-03-2022 (supermarket chain) (category Article 32(2) GDPR)concluded that the controller violated Article 32(1)(b), Article 32(1)(d), Article 32(2), and Article 32(4) GDPR. Therefore, the DPA decided to impose a6 KB (730 words) - 15:49, 30 October 2023
- ANSPDCP (Romania) - 04.01.2023 (category Article 32(2) GDPR)violation of Article 32 GDPR, the "Security of processing". More specifically, the controller violated Article 32(1)(b), 32(2), and 32(4) GDPR. For its breaches4 KB (471 words) - 15:15, 13 December 2023
- BVwG - W214 2233132-1/27E (category Article 15 GDPR)violates the GDPR or paragraph one or Article 2 1st part. (2) The complaint must contain: 1. the name of the right deemed to have been violated, 2. to the extent87 KB (14,194 words) - 10:07, 15 February 2024
- CJEU - C-601/20 - SOVIM (category Article 25(2) GDPR)guaranteed by Article 7 of the Charter and the right to protection of personal data guaranteed by Article 8 of the Charter? Question 3 1. Is Article 5(1)(a)9 KB (1,176 words) - 13:29, 5 January 2024