Search results

compliance with the GDPR under Article 58(2)(d) GDPR or even ban it under Article 58(2)(f) GDPR. Therefore, complaints under Article 77 GDPR should extend to

with Article 58(2)(d) GDPR, the DPA ordered the controller to bring its processing operations into compliance with the provisions of Article 9 GDPR. The

recommendations that are included in the confidential report according to Article 58(2)(d) GDPR and inform the HDPA accordingly. Share your comments here! Share

affinity" on the power of redress under Article 58(2)(d) of the DPA. In fact, it should have relied on Article 58(2)(f) of the DSGVO. In principle, this must

Moreover, the information provided as per Article 13 GDPR were not compliant with the requirements of Article 12 GDPR in light of the fact that TikTok services

Articles 5, 6 par. 1 point (e) and 9 par. 2 (g) GDPR 2016/679 and c) calls, pursuant to article 58 par.2 verse. d GDPR 2016/679, 401 General Military Hospital

out and the resolutions issued under this article. (…)” SAW In accordance with the provisions of article 58.2 d) of the RGPD, each authority of control may

controller in accordance with Article 58 (2) (b) of the General Data Protection Regulation and an order in accordance with Article 58 (2) (d) of the General Data

on final judgments did not comply with Article 25(1) GDPR. Pursuant to Article 58(2)(b) and Article 58(2)(d) GDPR, the DPA reprimanded the controller for

on final judgments did not comply with Article 25(1) GDPR. Pursuant to Article 58(2)(b) and Article 58(2)(d) GDPR, the DPA reprimanded the controller for

violated Article 5(1)(a) GDPR, Article 5(1)(c) GDPR, Article 9 GDPR and Article 25(2) GDPR. As a result, and in accordance with Article 58(2)(d) GDPR, the

violated Article 5(1)(e) GDPR and Article 25(2) GDPR. As a result, the DPA issued a reprimand to the controller in accordance with Article 58(2)(b) GDPR. Pursuant

commercial messages. Consequently, pursuant to its powers under Article 58(2)(d) GDPR, the DPA ordered the controller to take technical and organizational

the GDPR within 1 month starting from the receipt of this decision; c)ordered the company comply with the Article 5(1)(a) GDPR and Article 5(2) GDPR, as

confidentiality as laid down in Article 5(1)(d) and (f) GDPR read in conjunction with the principle of accountability according to Article 5(2) GDPR. The ANSPDCP imposed

game company to bring its processing operations into compliance with Article 12(2) GDPR as it found they should implement additional modalities to facilitate

unlawful. As per Article 58(2) d, the Finnish DPA ordered the housing cooperative to bring the personal data processing activities in line with GDPR. The decision

corrective powers under Article 58(2) GDPR, namely 58(2)(d) and (g) GDPR, may be exercised by the DPA on its own motion. Article 58(2)(c) GDPR, on the other hand

imposed two corrective measures on the controller according to Article 58(2)(c) and (d) GDPR and the fine of 14,420.4 lei, the equivalent of the amount of

took place. Therefore, as per Article 58 (2) (b), DPA issued a reprimand to the controller as per and, as per Article 58 (2) (d), ordered the controller to

according to Article 58(2)(d). Share blogs or news articles here! The decision below is a machine translation of the Romanian original. Please refer to the

Romanian DPA (ANSPDCP) fined leasing company €15,000 for violation of Article 32(1) and (2) GDPR after investigating a data breach reported by the company, where

enshrined in Article 5(1)(c) GDPR. The Finish DPA further ordered the controller to bring its processing activities into compliance under Article 58(2)(d) GDPR

subjects had not suffered any financial harm. Furthermore, as per Article 58(2)(c) and (d) GDPR, the DPA ordered the controller to comply with the data subjects’

reprimand to the controller in accordance with Article 58(2)(b) GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA also ordered the controller to erase the

processing operations in line with the provisions of the GDPR in accordance with Article 58 (2) (d). Share blogs or news articles here! The decision below

CPDP issued NRA an order under Article 58(2)(d) supra Article 57(1)(a) and Article 83(2)(a), (c), (d), (f) and (g) of the GDPR for undertaking suitable technical

considered appropriate in accordance with Article 31(1)(b) GDPR and Article 32(2) GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA ordered the controller to identify

reprimand to the controller in accordance with Article 58(2)(b) GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA also ordered the controller to bring its

subject's rights, such as the right to object according to Article 21 GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA ordered the controller to ensure that data

infringements of Article 5(1)(c), Article 5(1)(e) and Article 6(1)(f) the DPC issued a reprimand to Airbnb pursuant to Article 58(2)(b) of the GDPR. In addition

violated Article 5(1)(c) GDPR, Article 25(2) GDPR and Section 29(4) of the Finnish Data Protection Act. As a result, and in accordance with Article 58(2)(d)

the GDPR, pursuant to Articles 58(2)(b) and (d) respectively. For the violation of Article 5(1)(f), it issued a fine of €10000, pursuant to Article 58(2)(i)

by the above Registry, (1) and (2) and Article 13.II.The Authority instructs the Obliged Pursuant to Article 58 (2) (d) of the General Data Protection

notified in accordance with the data protection regulation, article 58, subsection 2, letter d. Failure to comply with an order can - unless a higher penalty

violated Article 5(1)(c) GDPR, Article 5(1)(e) GDPR, Article 12(2) GDPR, Article 12(6) GDPR and Article 25(2) GDPR. In accordance with Article 58(2)(c) GDPR

RESOLUTION Article 56 (1) and (2) point 8, § 58 (1) of the Personal Data Protection Act (hereafter IKS) and Article 58 (1) point d and (2) points d, e and

Art 4 (11) GDPR. In accordance with Art 58(2)(d), the Finnish DPA instructs the controller to align its process to obtain consent with the GDPR provisions

In an Article 60 GDPR procedure, the Norwegian DPA ordered an HR-services provider, pursuant to Article 58(2)(d) GDPR, to provide the data subject with

minimisation, pursuant to Article 58(2)(d). The Garante also fined the company €20000 for its breach of Articles 5(1)(a) and (c) GDPR. In determining the amount

regulated in article 32 of the GDPR, which regulates the security of the treatment. IV. Article 5.1.f) of the GDPR Article 5.1.f) of the GDPR establishes

circumstances of the specific case (art. 58, par. 2, letter i) Regulation). 4. Order for an injunction. Pursuant to art. 58(2)(i) of the Regulation and art. 166(3)

in line with Article 13 GDPR. On the DSB's request, the controller declared R*** Hotels GmbH as its representative under Article 27 GDPR and sent a reply

under Article 58(2)(b) GDPR. The Authority ordered the Health Service to carry out a DPIA and bring its processing operations in line with the GDPR within

to the controller in accordance with Article 58(2)(b) GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA also ordered the controller to comply with the principles

controller) about €352,555 (NOK 4,000,000) for violating Article 5(1)(f) GDPR, Article 24 GDPR and Article 32 GDPR after a serious ransomware attack led to highly

controller had violated Article 5(1)(f) GDPR, Article 17(1) GDPR, Article 25(1) GDPR, Article 32(1) GDPR and Article 32(2) GDPR. As a result, the DPA issued

reprimand to the controller in accordance with Article 58(2)(b) GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA also ordered the controller to define

The AEPD then issued the MCP with a warning under Article 83(5)(b) and pursuant to Article 58(2)(d) ordered the MCP to adapt its information provision

constituted a violation of Articles 123(2) and 132-ter of the Italian Privacy Code. Applying Articles 58(2)(d) and (2)(i), the Garante ordered Iliad to adapt

third parties (article 83.2.k, of the RGPD in relationwith article 76.2.b, of the LOPDGDD)SAWIn accordance with articles 58.2 and 83.2 of the RGPD, previously

(2016/679) Article 5 (1) (a), Article 12 (1), (2) and (6) , Article 13, Article 15 (1) (h), (3) and (4), Article 58 (2) (c) and (d) subparagraphs Article 34 (1)

internal compliance and accountability according to Article 5(1) GDPR, Article 5(2) GDPR and Article 6(1) GDPR. Since the company had totally ignored the its

Company itself, pursuant to Article 58, paragraph 2, letter i), of the Regulation, Article 166, paragraph 7, of the Code and Article 18 of Law no. 689/1981

reasons the Italian DPA, with the power conferred by Article 58(2)(d) and (f) and Article 83(3) and (5) GDPR, imposed to Fastweb multiple corrective measures

administrative fine in the amount of 2,000,000 ISK on the controller under Article 83(2)(a) GDPR and Article 83(2)(g) GDPR. This is just one of five decisions

homeowner’s association. The DPA fined the controller $300 under Article 58(2)(d) GDPR and ordered that the cameras be removed or reoriented so that they

with Article 58 section 2 C, the DPA ordered the controller to delete the data subject’s data in accordance with Article 17 GDPR. Pursuant to Article 58(2)(d)

violated Article 12(3) and Article 21 GDPR by not respecting the data subject's objection. Based on its powers pursuant to Article 58(2)(i) GDPR, the DPA

context of employment as per Article 88 GDPR. For these reasons, the Garante: - With the power conferred by Article 58(2)(i) GDPR, imposed a fine of €20,000

within the meaning of Article 4(15) GDPR and Article 9(1) GDPR. Processing of sensitive data requires a legal basis under Article 9(2) GDPR. In the present case

access request (Article 15 GDPR). Therefore, the controller violated Article 12(2) GDPR. The DPA reprimanded the controller (Article 58(2)(b) GDPR) and ordered

space. The DPA found a violation of Article 6(1) GDPR and ordered the controller, pursuant to Article 58(2)(d) GDPR, to adjust the location of the cameras

instruction to ensure compliance with the GDPR, the ANSPDCP did not explicitly refer to Article 58(2)(d) GDPR but it can be assumed that the instruction

investigation, in accordance with Article 58(2)(d) GDPR, the DPA also imposed on the controller the corrective measure to provide and communicate all the

provisions of Article 32(1)(b) GDPR and Article 32(2) GDPR. The DPA fined the processor €2,000 for this data breach. Under the Article 58(2)(d) GDPR it was decided

compliance with Article 32(1) and issued reprimands in respect of the infringements, pursuant to Articles 58(2)(b), (d), and (i) GDPR respectively. Procedure

that a fine of €2,000 be set for the infringement of Article 13 GDPR as defined in Article 83(5) GDPR. Pursuant to Article 58(2)(d) GDPR the Spanish DPA

which the data are processed. At the same time, pursuant to art. 58 para. (2) lit. d) from the RGPD, the following corrective measures were ordered against

personal data. The DPA also issued a formal notice pursuant of Article 58(2)(d) GDPR and Article 20.II of the French Data Protection Act to limit the retention

freedoms that could not be mitigated, and referred to Article 36(1) GDPR and Article 36(2) GDPR. The DPA ordered the municipality to: Change the data processing

violation of Article 32 GDPR since the controller did not implement the measures necessary to prevent such disclosure. Under Article 58 (2)(d) GDPR, Speedy

to Article 58(2)(a) and ordered the controller to bring its processing operations into compliance with the GDPR, pursuant to Article 58(2)(d) GDPR. Share

Finnish DPA therefore instructed the controller in accordance with Article 58(2)(d) GDPR to bring the processing operations in line with the rules on the

6(1)(a) GDPR and 4(11) GDPR. Therefore, the controller violated Articles 5(2) and 5(1)(a) GDPR. The DPA ordered the controller, pursuant to Article 58(2)(d)

In an Article 60 GDPR procedure, the DPA of Malta reprimanded a controller (Article 58(2)(b) GDPR) for requesting the data subject to sign an agreement

6(1)(a) GDPR and 4(11) GDPR and did therefore violate Articles 5(2) and 5(1)(a) GDPR. The DPA ordered the controller pursuant to Article 58(2)(d) GDPR to ensure

32(2) GDPR for insufficient risk assessment of security measures in the MyPostNord service, and ordered the controller, pursuant to Article 58(2)(d) GDPR

erasure request pursuant of Article 58(2)(d) GDPR. Also, the DPA ordered the controller pursuant of Article 58(2)(d) GDPR to provide the data subject information

cf. Article 35 of the Data Protection Regulation. The order is announced in accordance with the data protection regulation, article 58, subsection 2, letter

data protection regulation article 6 no. 1 letter f. 2. Pursuant to the Personal Protection Regulation article 58 no. 2 letter d, Recover AS is ordered to

6(1)(a) GDPR. The Italian DPA ordered the controller to erase personal data and stop the processing pursuant to Article 58(2)(d) and (f) GDPR. The DPA

according to Article 83(4)(a) GDPR. However, the AEPD imposed no fines in either of the two violations. Instead, according to Article 58(2)(d) GDPR, the AEPD

Pursuant to Article 58(2)(d) of the GDPR, the DPA ordered Associazione Rousseau to comply with the provisions of Article 28(3)(g) of the GDPR by ensuring

to Articles 114 and 157 of the Privacy Code. Pursuant to Article 58(2)(i) GDPR and 83 GDPR, the DPA imposed an administrative fine of €6,000.00, and an order

violated Article 6 (1) point f) of the GDPR. (61) The Authority grants the Requester's request and, based on Article 58 (2) point d) of the GDPR, instructs

of fairness pursuant to Article 5(1)(a) GDPR.” Summary of Envisaged Action The DPC made an order pursuant to Article 58(2)(d) GDPR, requiring Meta IE to

third parties. In addition, through the authority identified in Article 58(2)(d) GDPR, the Italian DPA orders PagoPA S.p.A to adopt the appropriate technical

of fairness pursuant to Article 5(1)(a) GDPR”. Summary of Envisaged Action The DPC made an order pursuant to Article 58(2)(d) GDPR, requiring Meta IE to

per Article 57(1)(a) GDPR, Article 57(1)(h) GDPR, cf. Article 58(1)(a) GDPR, Article 58(1)(b) GDPR, Article 58(1)(e) GDPR and Article 58(1)(f) GDPR. The

Applicant concerned infringes Article 12 (2) of the General Data Protection Regulation and Article 25 (2) and Article 58 (2) (d) of the General Data Protection

Union Article 58 of the General Data Protection Regulation in particular by alerting the controller or processor. In accordance with Article 58 (2) (d) of

access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction (Article 18 GDPR), notification (Article 19 GDPR) or data

controller, pursuant to Article 58(2)(d) GDPR, ordering the controller to bring its processing activities in line with the GDPR. The DPA also imposed an

of the data subject ('storage limitation');'. Article 58(2)(d) of the GDPR reads: "Article 58 Powers (2) Each supervisory authority shall have all of the

found that the company violated Article 7 (3) GDPR, Article 12 (2) GDPR, Article 17 (1)(b)GDPR and Article 24 (1) GDPR, by failing to implement appropriate

GDPR and Article 66.2 WOG); and • compliance with the transparency obligations (Article 12 GDPR) and the te provide information (Article 13 GDPR). Page

measures, as per Article 58(2)(d) GDPR, have been adopted, obliging the controller to complete implementation of relevant technical and organizational measures

enforceable order against the Job Centre under Article 58(2)(d) GDPR to bring its processing into compliance with the GDPR and re-designate the dismissed DPO. The

consent under Article 6(4) GDPR and further processing for a compatible purpose under Article 6(4) GDPR. See the commentary on Article 6(4) GDPR for details