Search results
From GDPRhub
- corresponding legal basis contained in Article 6(1)(a) GDPR, 6(1)(d) GDPR and 6(1)(e) GDPR respectively, and would require no additional correlation. The other44 KB (5,905 words) - 14:00, 24 October 2023
- Article 6 GDPR (category GDPR Articles) (section Tension with Article 5 and 12 GDPR in case of routine reliance on Article 6(4) GDPR)There is a slightly different concept of "explicit consent" in Articles 9(1)(a), 22(2)(c) and 49(1)(a) GDPR. See the commentary on Article 9(1)(a) GDPR for108 KB (17,005 words) - 15:39, 18 March 2024
- consent under Article 6(4) GDPR and further processing for a compatible purpose under Article 6(4) GDPR. See the commentary on Article 6(4) GDPR for details51 KB (6,355 words) - 08:25, 18 April 2024
- alike. This consent is not valid. If a controller relies on consent under Article 6(1)(a) or Article 9(2)(a) GDPR, data subjects can withdraw their consent31 KB (3,489 words) - 16:00, 8 March 2024
- safeguards (see Article 32(1)(a) GDPR); Handling of personal data breaches (see Article 34(3)(a) GDPR); Changing purposes of data processing (Article 6(4)(e) GDPR);125 KB (16,328 words) - 16:01, 8 March 2024
- Article 13 GDPR (category GDPR Articles) (section Automated decision-making ... referred to in Article 22(1) and (4))reliance on Article 6(1)(f) GDPR or at least exercise the right to object under Article 21 GDPR. If the legal basis is Article 6(1)(f) GDPR (i.e. 'legitimate71 KB (9,532 words) - 13:30, 6 March 2024
- Article 17 GDPR (category GDPR Articles) (section (i) Erasure following objection under Article 21(1))provided for in Article 6(1)(a) GDPR or, as the case may be, Article 9(2)(a) GDPR, and consent is withdrawn according to Article 7(3) GDPR, data must be61 KB (8,488 words) - 15:47, 18 March 2024
- legitimate interest that a controller must demonstrate under Article 6(1)(f) GDPR, as any processing based on Article 6(1)(f) GDPR would otherwise be essentially49 KB (5,993 words) - 06:22, 16 June 2023
- Article 18 GDPR (category GDPR Articles) (section (d) Objection to processing under Article 21(1) GDPR)legitimate interest (Article 6(1)(f) GDPR) or (ii) the public interest (Article 6(1)(e) GDPR). Hence, data subjects may find themselves in a situation where32 KB (3,730 words) - 08:43, 7 March 2024
- basis of Article 6(1)(c) GDPR (i.e. processing is necessary for compliance with a legal obligation to which the controller is subject) or Article 6(1)(e) GDPR22 KB (2,177 words) - 10:01, 19 March 2024
- the GDPR (Article 3)’, 12 November 2019 (Version 2.1), p. 6 (available here). EDPB, ‘Guidelines 3/2018 on the territorial scope of the GDPR (Article 3)’37 KB (4,635 words) - 13:29, 24 October 2023
- entities could claim a legitimate interest under Article 6(1)(f) GDPR for communication data for purposes that are even less serious. Such a legitimate interest28 KB (3,831 words) - 16:21, 14 March 2024
- Overview of GDPR (section GDPR as a raw data law)of such processing (see Article 5(1)(b) GDPR), the requirement to have a legitimate basis laid down by law (see Article 6(1) GDPR), the right to access and48 KB (5,978 words) - 15:57, 1 February 2024
- GDPRhub style guide (section GDPR)Member States. Example: Article 6(1)(a) GDPR Example: Not Art. 6 Abs 1 Lit a GDPR or Article 6 GDPR or GDPR Article 6, Sec 1(a) Recitals are also not shortened17 KB (2,510 words) - 13:56, 24 April 2023
- Article 51 GDPR (category GDPR Articles) (section (1) Establishment of a supervisory authority (SA))complying with a legal obligation to which the controller is subject, under Article 6(1)(c) GDPR. In line with the general objectives of the GDPR, as outlined27 KB (2,604 words) - 14:24, 16 January 2024
- of data listed under Article 9(1) GDPR. There have been conflicting arguments as to whether Article 22(1) GDPR lays down a right or a general prohibition31 KB (4,768 words) - 06:24, 16 June 2023
- Article 55 GDPR (category GDPR Articles) (section (1) Territorial competence of supervisory authorities (SAs))which would be competent under Article 55(1) GDPR, as provided in Article 56 GDPR in connection with Article 60 GDPR. For more information see commentary35 KB (3,971 words) - 21:34, 1 April 2024
- lead SA (“LSA”) (Article 65(1)(b) GDPR), and where a SA is not following an opinion of the EDPB (Article 6(1)(c) GDPR). Article 65(1)(a) GDPR addresses the33 KB (4,185 words) - 16:09, 2 November 2023
- CJEU - C-77/21 - Digi (category Article 6(1)(a) GDPR)compliant with Articles 5 and 6 GDPR. According to Article 6 GDPR, when a controller did not rely on consent (Article 6(1)(a) GDPR), its processing should be49 KB (7,800 words) - 09:22, 5 January 2024
- Norges Høyesterett - 2021-2403-A (category Article 6(1)(a) GDPR)other two conditions of Article 6 (1) (f) of the GDPR are not met. (26) The second condition of Article 6 (1) (f) of the GDPR is that the processing of46 KB (7,024 words) - 06:18, 6 March 2022
- been provided, where: (a) the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to40 KB (5,349 words) - 07:05, 1 June 2023
- HDPA (Greece) - 48/2021 (category Article 6(1)(a) GDPR)provisions Article 4.11: Consent (definition) Article 4.12: Violation of personal data (definition) Article 5.2: Principle of accountability Article 6.1.a: Legal8 KB (1,028 words) - 12:49, 24 November 2021
- AEPD (Spain) - E/03276/2021 (category Article 6(1)(a) GDPR)provided in article 46.1 of the aforementioned Law. 940-0419 Mar Spain Martí Director of the Spanish Agency for Data Protection C / Jorge Juan, 6 www.aepd10 KB (1,288 words) - 13:39, 13 December 2023
- CJEU - C-61/19 - Orange Romania (category Article 6(1)(a) GDPR)consented to processing of his or her data (Art 7 (1) GDPR). This is equally true under Article 7(a) of the Directive 95/46, which required that the data8 KB (1,074 words) - 13:50, 11 August 2022
- Article 10 GDPR (category GDPR Articles)processing still needs to rely on a legal basis from Article 6(1) GDPR and comply with the principles enshrined in Article 5 GDPR. Additionally, the processing17 KB (1,768 words) - 15:41, 18 March 2024
- Datatilsynet (Norway) - 15/01355 (category Article 6(1)(a) GDPR)Supervision: Article 6(1)(f), legitimate interest. For the special category personal data: About diagnosis: Article 6(1)(a), cf. Article 9(2)(a), consent16 KB (2,111 words) - 06:21, 6 March 2022
- Datatilsynet (Denmark) - 2018-32-0357 (category Article 6(1)(a) GDPR) (section 5.1. Is this a case of processing personal data that the Datatilsynet has competence to assess?)The heading of Article 6(1) and the wording “has given” in Article 6(1)(a) support this interpretation. It follows logically from Article 6 and Recital 4065 KB (9,767 words) - 16:22, 6 December 2023
- APD/GBA (Belgium) - 31/2020 (category Article 6(1)(a) GDPR)this case under Article 6(1)(a) or 6(1)(c)? If Article 6(1)(a) applies, do the requirements for parental consent under Article 8 GDPR also apply? Did the48 KB (7,926 words) - 16:56, 12 December 2023
- Personvernnemnda (Norway) - 2018-14 (15/01355) (category Article 6(1)(a) GDPR)category personal data and thus requires a legal ground for processing as per Article 9(2) GDPR, in addition to Article 6(1). However, the Board were split in144 KB (23,058 words) - 18:48, 5 March 2022
- CNIL (France) - SAN-2019-001 (category Article 6(1)(a) GDPR)with Article 57(1)(a) and (h) of the RGPD. Moreover, the restricted formation notes that Article 80 of the EPMR provides for the possibility for a person90 KB (14,556 words) - 17:08, 6 December 2023
- against a controller (as defined under Article 4(7) GDPR) and a processor (as defined under Article 4(8) GDPR). As noted above, Article 79 GDPR imposes31 KB (3,550 words) - 11:11, 29 November 2023
- AP (The Netherlands) - 10.12.2019 (category Article 6(1)(a) GDPR)investigated are not compliant with the consent requirements under Article 6(1)(a) GDPR when placing cookies. Following its investigation of 175 websites5 KB (648 words) - 17:12, 12 December 2023
- AEPD (Spain) - PS/00438/2019 (category Article 6(1)(a) GDPR)personal data is consent (Article 6(1)(a) GDPR) given while registering to the newsletter. Article 8(1) GDPR establishes the age at which a minor can legally give3 KB (335 words) - 14:40, 13 December 2023
- ANSPDCP (Romania) - Natural Person (category Article 6(1)(a) GDPR)provisions of Article 5(1)(a), 5(1)(f), and Article 6(1)(a) GDPR) and €50 (for violating Article 58(1)(a), 58(1)(e) and Article 83(5)(e) GDPR). Thus, the5 KB (507 words) - 14:47, 5 October 2022
- Commissioner (Cyprus) - patient data on Instagram (category Article 6(1)(a) GDPR)The Commissioner fined a doctor € 14,000 for publishing sensitive patient data on Instagram. Patient filed a complaint with the Commissioner because her2 KB (151 words) - 16:53, 6 December 2023
- AEPD (Spain) - PS/00136/2020 (category Article 6(1)(a) GDPR)without a basis from Article 6. Therefore, the AEPD considered that there has been an infringement of Article 6.1, entailing a fine of €2000. Article 14 refers3 KB (337 words) - 14:04, 13 December 2023
- HDPA (Greece) - 5/2023 (category Article 6(1)(a) GDPR)DPA found a violation of the principle of lawfulness, fairness and transparency established in Article 5(1)(a) GDPR. Moreover, the DPA found a violation5 KB (578 words) - 05:32, 26 April 2023
- AEPD (Spain) - PS/00187/2019 (category Article 6(1)(a) GDPR)contrary to GDPR, specifically, articles Articles 5(1)(a) and 6(1)(a) GDPR. Though the Hospital acknowledged that the form was not adapted to the new GDPR rules5 KB (497 words) - 14:08, 13 December 2023
- LfD (Lower Saxony) - Fine EUR 900,000 against bank (category Article 6(1)(a) GDPR)as per Article 6(1)(f) GDPR. The DPA found that the analysis of large amounts of data to create customer profiles could not be based on Article 6(1)(f).8 KB (1,008 words) - 10:05, 23 August 2022
- APD/GBA (Belgium) - 103/2022 (category Article 6(1)(a) GDPR)The DPA therefore held that the controller violated Article 6(1)(a) (jo Article 4(11) and Article 7(1)). Regarding the pre-ticked boxes for third-party cookies6 KB (569 words) - 12:31, 3 August 2022
- OVG Saarlouis - 2 A 355/19 (category Article 6(1)(a) GDPR)with Article 6(1)(f) GDPR when no valid consent has been obtained? The OVG Saarlouis also dismissed the appeal of the plaintiff arguing as follows: 1) The7 KB (754 words) - 08:18, 29 December 2021
- Tietosuojavaltuutetun toimisto (Finland) - 6465/182/2018 (category Article 6(1)(a) GDPR)below is a machine translation of the original. Please refer to the Finnis original for more details. Assistant Data Protection Officer gave Finnkino a note6 KB (744 words) - 13:05, 3 March 2024
- Court of Appeal of Brussels - 2022/AR/953 (category Article 6(1)(a) GDPR)the board management of the DPA to issue a referral in order to open an ex officio investigation (Article 63(1) of the Law establishing the Belgian DPA)7 KB (681 words) - 10:43, 15 January 2024
- AEPD (Spain) - PS/00069/2020 (category Article 6(1)(a) GDPR)respective data subject, therefore infringing Article 6(1)(a) GDPR. On 23 October 2019, a complaint was lodged before a court relating to the fact that the personal20 KB (3,066 words) - 13:55, 13 December 2023
- ANSPDCP (Romania) - 31.01.2023 (category Article 6(1)(a) GDPR)requirements of Article 33 GDPR. Based on a data subject's complaint, the Romanian DPA started investigations into a dental practice and a collaborating8 KB (1,123 words) - 15:15, 13 December 2023
- AEPD (Spain) - PS/00089/2021 (category Article 6(1)(a) GDPR)the privacy policy. Thus, Article 21(1) LSSI has not been complied with, as there is no consent according to Articles 6 and 7 GDPR. Serious infringements11 KB (1,490 words) - 13:58, 13 December 2023
- AEPD (Spain) - PS/00141/2020 (category Article 6(1)(a) GDPR)recordings of a witness on a website an infringement of Article 6(1)(a) GDPR? Is placing cookies without consent when visiting a webpage and not having a "refusal26 KB (4,150 words) - 14:05, 13 December 2023
- AEPD (Spain) - PS/00335/2019 (category Article 6(1)(a) GDPR)subjects infringes Article 6 (1) (a) GDPR. The AEPD fined the data processor in an amount of 4,000 Euro for the violation of Article 6 (1) (a) GDPR. Since the21 KB (3,281 words) - 14:30, 13 December 2023
- AEPD (Spain) - PS/00075/2020 (category Article 6(1)(a) GDPR)Mr. A.A.A., with NIF ***NIF.1, for an infringement of article 6.1.a) of the RGPD, typified in article 83.5 of the RGPD and considered very serious a prescription31 KB (4,909 words) - 13:56, 13 December 2023
- CE - N° 429571 (category Article 6(1)(a) GDPR) (section On the CNIL's competence to interpret Article 6 GDPR)websites do not have a legitimate interest to store credit card data under Article 6(1)(f) GDPR. On 6 September 2018, the CNIL issued a Recommendation on19 KB (2,790 words) - 09:50, 10 September 2021
- AEPD (Spain) - PS/00405/2020 (category Article 6(1)(a) GDPR)ASSOCIATION *** ASSOCIATION. 1, with NIF G98925795, for an infringement of article 6.1.a) of the RGPD, typified in article 83.5 of the RGPD, a fine of 3,000 euros20 KB (3,047 words) - 14:35, 13 December 2023
- CPDP (Bulgaria) - PNN-01-433/2019 (category Article 6(1)(a) GDPR)fined a political party about €1000 (BGN 2000) for processing personal data without a legal ground as required by Article 6(1) GDPR, after hiring a handwriting18 KB (2,987 words) - 16:49, 6 December 2023
- AEPD (Spain) - EXP202204515 (category Article 6(1)(a) GDPR)2022, A.A.A. (hereinafter, the claiming party) filed a claim with the Spanish Data Protection Agency. The claim is directed against XFERA MÓVILES, S.A. with20 KB (3,159 words) - 13:20, 13 December 2023
- AEPD (Spain) - PS/00484/2020 (category Article 6(1)(a) GDPR)these messages. Is this a violation of Article 6(1)(a) GDPR? The AEPD held that this behaviour was a violation of Article 6(1)(a) GDPR and fined Vodafone €10027 KB (4,189 words) - 14:44, 13 December 2023
- AKI (Estonia) - 2.1.-1/23/2891-5 (category Article 6(1)(a) GDPR)rely on Article 6(1)(a) GDPR. Secondly, the DPA recalled that, according to Article 6(1)(f) GDPR, processing of personal data on the basis of a legitimate23 KB (3,657 words) - 11:23, 17 April 2024
- AEPD (Spain) - PS/00278/2019 (category Article 6(1)(a) GDPR)lack of valid consent under Article 6(1)(a) GDPR. Thus, it imposed VODAFONE a fine of EUR 75,000 under Article 83(5) GDPR, being indecisive whether there23 KB (3,672 words) - 14:25, 13 December 2023
- BAC (Bulgaria) - № 6515 (category Article 6(1)(a) GDPR)for performance of a contract," and "necessary for compliance with a legal obligation," under Articles 6(1)(a), 6(1)(b), and 6(1)(c) GDPR respectively. The20 KB (3,093 words) - 09:56, 14 December 2023
- AEPD (Spain) - PS/00452/2019 (category Article 6(1)(a) GDPR)and 48.1 of Law 39/2015 of 1 October, on the limitation of the infringement of article 6.1 of the RGPD typified in article 83.5 a) of the mentioned norm25 KB (4,037 words) - 14:55, 13 December 2023
- AEPD (Spain) - PS/00227/2019 (category Article 6(1)(a) GDPR)MÓVILES, S.A. (MASMOVIL), with NIF A82528548, for an infringement of article 6.1.a) of the RGPD, typified in article 83.5.a) of the RGPD, a fine of 6036 KB (5,821 words) - 14:20, 13 December 2023
- Datatilsynet (Denmark) - 2020-31-3354 (category Article 6(1)(a) GDPR)with the rules in Article 6 (1) of the Data Protection Regulation [1]. 1, letter a. Below is a more detailed review of the case and a justification for20 KB (3,151 words) - 16:38, 6 December 2023
- Datatilsynet (Denmark) - 2019-32-0709 (category Article 6(1)(a) GDPR)accordance with Article 6 (1). 1, letter b, if the processing is necessary to comply with a legal obligation in accordance with Article 6 (1). 1, letter c,24 KB (3,763 words) - 16:23, 6 December 2023
- AEPD (Spain) - PS/00010/2020 (category Article 6(1)(a) GDPR)company 's actions were a breach of Article 6(1) GDPR. Article 6(1) does not apply here because they failed to prove that they had a lawful basis for processing22 KB (3,523 words) - 13:45, 13 December 2023
- AEPD (Spain) - PS/00235/2019 (category Article 6(1)(a) GDPR)infringed Articles 6.1 (a) and 5.1 (a) of the GDPR, in breach of Articles (a) and (a) of the GDPR¬, in accordance with Article 71 (1) (a) and (b) respectively24 KB (4,074 words) - 14:21, 13 December 2023
- CNIL (France) - SAN-2023-025 (category Article 6(1)(a) GDPR)therefore breaching Article 6 GDPR, as well as Article 5(1)(b) GDPR. Thirdly, Article 30 GDPR stipulates that the controller must keep a register of processing53 KB (8,418 words) - 11:21, 6 February 2024
- HmbBfDI (Hamburg) - Vermerk: Abdingbarkeit von TOMs (category Article 6(1)(a) GDPR)to note that only Article 6(1)(a) GDPR allows for such a derogation from Article 32. The other legal basis in Article 6 restricts a data subject’s „disposition30 KB (4,562 words) - 15:27, 6 December 2023
- AEPD (Spain) - PS/00051/2020 (category Article 6(1)(a) GDPR)agreed to initiate a sanctioning procedure for the one claimed by the allegedinfringement of article 6.1.a), typified in article 83.5.a) of the RGPD.FIFTH:31 KB (4,853 words) - 13:52, 13 December 2023
- AEPD (Spain) - PS/00085/2021 (category Article 6(1)(a) GDPR)ESPAÑA, S.A.U., with NIF A80907397, for the alleged violation of article 6.1. GDPR typified in article 83.5.a) of the aforementioned RGPD. 1. APPOINT Mr28 KB (4,350 words) - 13:57, 13 December 2023
- AEPD (Spain) - PS/00006/2019 (category Article 6(1)(a) GDPR)for the alleged infringement of Article 13.1, in relation to Articles 6.1(a) and 8.1 of the RGPD and in relation to Article 7 of Organic Law 3/2018, on Data27 KB (4,517 words) - 13:44, 13 December 2023
- Datatilsynet (Denmark) - 2019-431-0052 (category Article 6(1)(a) GDPR)taken place in accordance with Article 5 (1) of the Data Protection Regulation. 1, letter e, and Article 6, para. 1, cf. Article 4, point 11. The Danish Data27 KB (4,300 words) - 16:36, 6 December 2023
- Supreme Court - C.20.0323.N (category Article 6(1)(a) GDPR)2. Infringement of art. 6.1. GDPR: APPLICATION /7 [Plaintiff] further bases its decision on an infringement of Article 6.1. GDPR, to know that the lawfulness43 KB (6,749 words) - 07:07, 28 October 2021
- AEPD (Spain) - PS/00291/2019 (category Article 6(1)(a) GDPR)AEPD imposed a fine of € 6.000 for unlawful processing data from a public registry without a legal basis under Article 6 GDPR. A citizen filled a complaint33 KB (5,396 words) - 14:26, 13 December 2023
- Datatilsynet (Denmark) - 2023-432-0016 (category Article 6(1)(a) GDPR)with Article 9(2)(a) GDPR and Article 6(1)(a) GDPR. Thus, the Danish DPA held that the processing was also not following the principles of Article 5(1)46 KB (7,192 words) - 12:37, 19 December 2023
- HDPA (Greece) - 53/2022 (category Article 6(1)(a) GDPR)his compliance with the principles of article 5 par. 1 of the GDPR. 5. Furthermore, Article 6 para. 1 of the GDPR provides, among other things, that the50 KB (8,004 words) - 04:49, 14 December 2022
- CE - N° 430810 (category Article 6(1)(a) GDPR)Where a controller envisages a processing operation having several purposes and seeks to obtain the data subject's consent under Article 6(1)(a) of the42 KB (6,800 words) - 09:50, 10 September 2021
- AEPD (Spain) - PS/00385/2020 (category Article 6(1)(a) GDPR)issued Canary Click with a warning and ordered them to bring URL 1 and their privacy policy in line with Article 6(1)(a) GDPR within a month. The AEPD also55 KB (8,967 words) - 14:33, 13 December 2023
- AEPD (Spain) - E/03624/2021 (category Article 6(1)(a) GDPR) (section DPA mutual assistance under Article 61 GDPR)data subject’s consent under Article 6(1)(a) GDPR, which in turn meets the conditions for consent laid out in Article 7 GDPR. The AEPD highlighted that this58 KB (8,665 words) - 16:10, 1 February 2022
- NAIH (Hungary) - NAIH/2020/974/4 (category Article 6(1)(a) GDPR)adequacy, or in accordance with Article 46, Article 47 or Article 49 (1); the second and second subparagraphs of paragraph 1, the indication of the appropriate67 KB (10,815 words) - 10:11, 17 November 2023
- CJEU - C-13/16 - Rīgas satiksme (category Article 6(1)(f) GDPR)Protection Directive (95/46/EC), which contained a remarkably similar provision to the new Article 6(1)(f) of GDPR. This test breaks down into three parts, making5 KB (749 words) - 12:58, 1 June 2023
- OGH - 6Ob56/21k (request for preliminary ruling under Article 267 TFEU) (category Article 6(1)(a) GDPR)requirements of Article 6(1)(a) in conjunction with Article 7 GDPR, which cannot be superseded by relying on Article 6(1)(b) GDPR? Is Article 5(1)(c) GDPR (data122 KB (20,253 words) - 08:17, 19 August 2021
- Datatilsynet (Norway) - 20/02136 (category Article 6(1) GDPR) (section Special categories of data under Article 9 GDPR)as a legal basis under Article 6(1)(b) GDPR where only consent should be the relevant legal basis. The NO DPA also considers that data cannot be a commodity18 KB (2,375 words) - 16:17, 6 December 2023
- CJEU - Joined Cases C‑26/22 and C‑64/22 - SCHUFA (category Article 6(1) GDPR)interests under Article 6(1)(f) GDPR. On the erasure obligations under Article 17 GDPR, the CJEU held that under Article 17(1)(d) GDPR SCHUFA will be under15 KB (2,180 words) - 08:23, 13 December 2023
- APD/GBA (Belgium) - 12/2019 (category Article 6(1)(a) GDPR)Directive and Articles 6(1)(a) and 7 GDPR, in the lights of Article 4(11) and Recital 32 GDPR. Following this report, the GBA issued a decision confirming107 KB (17,697 words) - 16:52, 12 December 2023
- Garante per la protezione dei dati personali (Italy) - 9435753 (category Article 6(1)(a) GDPR)that Wind Tre had violated the following articles of the GDPR: Articles 5(1), 5(2), 6(1)(a), 7, 12(1), 12(2), 24 and 25. It subsequently fined Wind Tre 16129 KB (21,020 words) - 15:49, 6 December 2023
- processing by the defendant can only be Article 6 (1) sentence 1 lit e) DSGVO (see b) or Article 6 (1) sentence 1 lit f) DSGVO (see c), the requirements51 KB (8,215 words) - 09:55, 13 May 2022
- DSB (Austria) - Austrian Postal Service (category Article 6(1)(f) GDPR)laws (like § 151 GewO) and GDPR? Is a prediction of a political affiliation a "special category of data" under Article 9(1) GDPR? The decision of the DSB8 KB (611 words) - 16:12, 6 December 2023
- Datatilsynet (Denmark) - 2020-431-0061 (Helsingor decision no. 1) (category Article 6(1) GDPR)Ordinance Article 5, paragraph Article 5 (2) 1, letter c and letter f., Article 5, paragraph Article 6 (1) (a) Article 32 (1), (1), (33) 1 and 35, para. 1. Below48 KB (7,442 words) - 10:24, 12 September 2022
- EDPB - Binding Decision 3/2022 - 'Meta (Facebook)' (category Article 6 GDPR)rely on Article 6(1)(b) GDPR in the context of its offering of the Facebook Terms of Service, and to include an infringement of Article 6(1) GDPR” (Para53 KB (8,413 words) - 14:10, 30 January 2023
- LG Köln - 33 O 376/22 (category Article 6(1)(b) GDPR)violates §§ 307 para. 1, para. 2 no.1 in connection with Art. 6 para. 1 sentence 1 DSGVO. Art. 6 para. 1 sentence 1 DSGVO and against § 1 UKlaG in conjunction66 KB (9,990 words) - 12:30, 29 January 2024
- CJEU - C-252/21 - Meta Platforms and Others v Bundeskartellamt (category Article 6 GDPR)as a 'legitimate interest' pursued by Meta pursuant to Article 6(1)(f) GDPR. Lastly, the CJEU noted that the fact that Article 6(1)(a) and Article 9(2)(a)8 KB (1,231 words) - 08:22, 6 July 2023
- OGH - 9Ob38/19g (category Article 6(1)(a) GDPR)decryption, a defendant's smartcard and corresponding software are required as well as a receiver such as a receiver or a CI-Plus module together with a compatible200 KB (33,233 words) - 09:49, 14 December 2023
- Hoge Raad - 21/00241 (category Article 6(1)(c) GDPR)with the provisions of Article 6(1)(c), Article 6(1)(f) GDPR, or both provisions? 2. Does the answer to Question 1 mean: a) that the person whose29 KB (4,605 words) - 17:00, 15 December 2021
- BVwG - W214 2228164-1 (category Article 6(1)(f) GDPR) (section Lawfulness According to Article 6(1)(f) GDPR)compliance with the principles of Article 5 GDPR and that they could be based on the legal basis of Article 6(1)(f) GDPR. The BVwG ruled that the principle8 KB (987 words) - 10:01, 12 May 2022
- AZOP (Croatia) - Decision 04-08-2022 (category Article 6 GDPR)legitimate interests under Article 6(1)(f) GDPR, they must still comply with data protection principles under Article 5 GDPR. In Croatia, many employers11 KB (1,655 words) - 13:32, 31 October 2023
- CJEU - C-175/20 - SIA ‘SS’ (Opinion of AG Bobek) (category Article 6(1)(c) GDPR)Bobek is also of the opinion that Article 6(1)(c) GDPR and Article 6(3) GDPR do not preclude national rules from laying down, without any limit in time8 KB (1,081 words) - 13:13, 1 June 2023
- Datatilsynet (Norway) - 20/02178 (category Article 6(1)(f) GDPR)breached Article 6(1)(f) GDPR for lack of legal basis, Article 21 for lack of considering an objection, Article 13 for lack of information and Article 24 for7 KB (802 words) - 18:53, 17 May 2022
- Datatilsynet (Norway) - 21/03530 (category Article 6(1)(b) GDPR)DPC decisions, Meta shifted its legal basis from Article 6(1)(b) GDPR (contract) to Article 6(1)(f) GDPR (legitimate interest) for most of its processing99 KB (14,431 words) - 16:20, 6 December 2023
- AZOP (Croatia) - Decision 17-05-2022 (category Article 6 GDPR)consent, in line with Article 6(1)(a) GDPR. The Court recalled that Article 31 of the Croatian Law on the Implementation of the GDPR stipulates that the15 KB (2,261 words) - 15:55, 30 October 2023
- CJEU - C-184/20 - Vyriausioji Tarnybinės Etikos Komisija (category Article 6(1) GDPR)9(1) GDPR. The preliminary questions concern the issue whether the existence of a legal obligation – Article 6(1)(c) GDPR – or a public interest – Article6 KB (522 words) - 13:15, 1 June 2023
- NAIH (Hungary) - NAIH-6752-10/2023 (category Article 6(1)(a) GDPR)controllers to have breached Article 6(1)(a) GDPR, Article 9(1) GDPR, as well as Article 12 and 13 GDPR for having unlawfully contacted a data subject after the7 KB (755 words) - 11:10, 21 February 2024
- Datatilsynet (Norway) - 20/02375 (category Article 6(1)(f) GDPR)breaching Article 6(1) GDPR, and required the company to implement a policy for conducting credit ratings per Article 24 GDPR. A person lodged a complaint40 KB (5,943 words) - 18:54, 5 March 2022