Search results
From GDPRhub
- CNIL (France) - SAN-2023-021 (category Article 5(1)(c) GDPR)intrusive and therefore could not be based on Article 6(1)(f) GDPR. Secondly, Article 5(1)(c) GDPR indicates that personal data should be adequate, relevant115 KB (18,607 words) - 11:00, 6 February 2024
- AEPD (Spain) - EXP202201681 (category Article 13 GDPR)allow them to adequately develop the functions that the GDPR assigns them, as Recital 97 of the GDPR recalls, "The level of necessary specialized knowledge195 KB (30,495 words) - 12:40, 13 December 2023
- AEPD (Spain) - EXP202100318 (category Article 5(1)(f) GDPR)Article 5.1.f) of the GDPR and Article 32 of the GDPR, classified respectively in Article 83.5 of the GDPR and Article 83.4 of the GDPR. SEVENTH: Notified133 KB (21,759 words) - 11:41, 28 August 2024
- CNIL (France) - SAN-2023-009 (category Article 7(1) GDPR)26 GDPR. The agreements between Criteo and its commercial partners did not contain specific obligations in relation to the requirements of the GDPR, such78 KB (12,701 words) - 10:11, 28 June 2023
- PHR - 22/01253 (category Article 15 GDPR)corresponding interest can be found in the GDPR. Notably, the PG referenced Recital 52 and Article 9 GDPR. Recital 52 GDPR states that a derogation from the prohibition241 KB (42,617 words) - 14:14, 13 September 2022
- DPC (Ireland) - WhatsApp Ireland Limited - IN-18-12-2 (category Article 4(1) GDPR) (section WhatsApp’s transparency obligations in the context of non-users under Articles 14 and 12(1) GDPR)4(1) of the GDPR. I further note that the text of the accompanying recital (Recital 26 of the Directive) is very similar to the text of Recital 26 of the830 KB (115,261 words) - 15:37, 22 February 2022
- OLG Hamm - 7 U 19/23 (category Article 82 GDPR)of the GDPR according to Art. 99 Para. 2 GDPR as of May 25, 2018 follows from Art. 79 Para. 2 Sentence 1 GDPR in conjunction with recital 22 GDPR as well130 KB (21,874 words) - 09:43, 15 February 2024
- LAG Düsseldorf - 12 Sa 186/19 (category Article 9 GDPR)/ Weichert / Sommer, EU-GDPR and BDSG, 2nd edition 2020, Art. 9 GDPR marginal 3).9 GDPR does not allow recourse to Art. 6 GDPR (Albers / Veit in Wolff120 KB (20,753 words) - 17:06, 7 March 2022
- EDPB - Urgent Binding Decision 1/2021 - 'WhatsApp' (category Article 5(1)(a) GDPR)Articles 63 to 66 GDPR. The GDPR also established a cooperation mechanism between the supervisory authorities. It follows from Article 60 GDPR that the lead188 KB (31,298 words) - 12:31, 20 January 2023
- NAIH (Hungary) - NAIH-5114-35/2022 (category Article 5(1)(e) GDPR)interest. Based on Article 2 (1) of the GDPR, the GDPR must be applied to the data management in this case. GDPR Article 4, point 1: "personal data": for146 KB (22,679 words) - 15:52, 3 May 2023
- ICO - Monetary Penalty on Marriott International Inc. (category Article 5(1)(f) GDPR)data and on the free movement of such data. 3 Recital 3. 4 Recital 5. § Recital 7. 7 See, i particular, Recitals 11, 148, 150, and Article 5, Chapter IV and241 KB (31,368 words) - 09:59, 9 May 2022
- VfGH - G 287/2022-16, G 288/2022-14 (category Article 85 GDPR)Reference to Art. 79 GDPR does not justify any jurisdiction, since Art. 79 GDPR (like Art. 77 GDPR) only refers to violations of the GDPR but not on national202 KB (29,013 words) - 13:35, 12 January 2023
- EDPB - Urgent Binding Decision 01/2023 (category Article 6(1)(f) GDPR)6(1)(f) GDPR, Recital 47 GDPR and the CJEU’s settled case-law 171, three cumulative conditions must be met to be able to rely on Article 6(1)(f) GDPR, ‘namely346 KB (48,181 words) - 16:39, 12 December 2023
- UODO (Poland) - DKN.5112.1.2020 (category Article 5(1)(f) GDPR)under the GDPR. Pursuant to Articles 58(2)(i) and 83 GDPR, the DPA imposed a PLN 1,968,524 fine on the controller for the above-discussed GDPR violations110 KB (17,607 words) - 15:35, 3 January 2023
- UOOU (Czech Republic) - UOOU-01025/20-121 (category Article 5 GDPR)basis under Article 6(1) GDPR and in violation of transparency obligations in the privacy policy under Article 5(1)(a) and 13 GDPR. The DPA in the first instance246 KB (39,598 words) - 09:26, 24 April 2024
- APD/GBA (Belgium) - 07/2024 (category Article 5(1)(c) GDPR)DPA considered the infringement of Article 5 GDPR, Article 24(1) GDPR, as well as Articles 25(1) and (2) GDPR. Secondly, the DPA addressed the access request350 KB (51,369 words) - 09:25, 31 January 2024
- Tietosuojavaltuutetun toimisto (Finland) - 8492/163/20 (category Article 5(1)(d) GDPR)5(1)(d) GDPR and data protection by design of Article 25(1) GDPR. In addition, the DPA held that the controller violated Articles 5(1)(a) and 13 GDPR by not149 KB (24,224 words) - 12:20, 2 January 2023
- AEPD (Spain) - PS/00388/2022 (category Article 32(1) GDPR)violated the article 15 of the GDPR, infringement typified in article 83.5 a) of the GDPR. IV. Secondly, article 32 of the GDPR "Security of treatment", states72 KB (11,730 words) - 08:54, 19 July 2023
- VG Köln - 6 K 3228/19 (category Article 6(1)(f) GDPR)found that GDPR does not prevent the claimant from exercising their basic right. In this regard the court referred to Article 6(1)(f) GDPR to highlight68 KB (11,146 words) - 17:16, 9 March 2022
- Datatilsynet (Norway) - 0/02422 (category Article 5(1)(e) GDPR)Article 12(3) GDPR and Article 15 GDPR due to a failure to respond to an access request that was submitted around a month after the GDPR became applicable162 KB (24,007 words) - 19:41, 15 February 2023