Search results
From GDPRhub
- Article 17 GDPR (category GDPR Articles) (section (ii) Erasure following objection under Article 21(2))provided for in Article 6(1)(a) GDPR or, as the case may be, Article 9(2)(a) GDPR, and consent is withdrawn according to Article 7(3) GDPR, data must be61 KB (8,488 words) - 15:47, 18 March 2024
- DSB (Austria) - 2021-0.347.702 (category Article 9(2)(f) GDPR)or by a third party. The court used Article 9(2)(f) GDPR to interpret legitimate interests under Article 6(1)(f) GDPR as including the establishment, exercise25 KB (3,875 words) - 10:36, 11 January 2024
- BVwG - W256 2240235-1 (category Article 9(2)(f) GDPR)interests under Article 6(1)(f) GDPR. The data subject was heard on this statement and filed a submission, arguing that Article 6(1)(f) GDPR does not apply33 KB (5,154 words) - 11:08, 21 January 2022
- Tribunal da Relação de Coimbra - 4354/19.7T8CBR-A.C2 (category Article 9(2)(f) GDPR)right to privacy, namely, personal data that are protected by Article 9(1) and 9(2)(f) of the GDPR (i.e. union dues, insurance and alimony payments and absences30 KB (4,858 words) - 09:58, 6 October 2021
- Datatilsynet (Denmark) - 2020-31-3840 (category Article 9(2)(f) GDPR)information took place in accordance with Article 9 (1) of the Data Protection Ordinance. Article 2 (2) (f) and Article 6 (2) 1, letter b. The Danish Data Protection13 KB (1,974 words) - 15:42, 26 January 2022
- BVwG - W292 2259696-1 (category Article 9(2)(f) GDPR)specifically on Article 9 (2) (f) GDPR - but the wording of the exception in Article 9 (2) (f) GDPR is clear and clear with regard to the fact that Art. 9 Para.31 KB (4,916 words) - 14:35, 25 April 2023
- Persónuvernd (Iceland) - nr. 2020082238 (category Article 9(2)(f) GDPR)disclosure was necessary for the defence of its client's legal claim under Article 9(2)(f) GDPR. In the context of a legal dispute, Magna Lögmen - an Icelandic law26 KB (3,942 words) - 10:18, 5 October 2021
- Rb. Rotterdam - C/10/587469 / HA RK 19-1473 (category Article 9(2)(f) GDPR)a fundamental right. 4.7. ASZ also invokes Article 9(2)(f) of the AVG, from which it follows that Article 9(1) of the AVG does not apply if the processing24 KB (3,918 words) - 16:29, 10 March 2022
- Persónuvernd - 2020010616 (category Article 9(2)(f) GDPR)company could process the data lawfully because an Article 9(2) exception applied, namely Article 9(2)(f), where processing is necessary for the exercise23 KB (3,612 words) - 13:17, 17 July 2020
- VG Wiesbaden - 6 K 361/21.WI (category Article 9(2)(f) GDPR)assessed according to Article 6(1)(f) GDPR and Article 9 GDPR. Second, lawyers are data controllers within the meaning of Article 4(7) GDPR with regard to their37 KB (6,025 words) - 16:24, 15 November 2023
- DSB (Austria) - 2021-0.518.795 (category Article 9(2)(f) GDPR)legal basis under Article 9(2) GDPR for sending the medical assessment, which contained health data under Article 14 GDPR#15Article 4(15) GDPR, to the municipality29 KB (4,581 words) - 10:13, 10 March 2022
- Datatilsynet (Denmark) - 2021-32-2096 (category Article 9(2)(f) GDPR)Protection Regulation Information covered by Article 9 (2) (f) may be covered by Article 9 (2). 1, is processed if the processing is necessary for legal claims31 KB (4,995 words) - 15:32, 2 February 2022
- Datatilsynet (Denmark) - 2021-31-5542 (category Article 9(2)(f) GDPR)regulation's article 9, subsection 2, letters d and f. In relation to this, Plesner has stated that with regard to Article 9, subsection 2, letter d, Plesner43 KB (6,531 words) - 14:04, 21 September 2022
- VG Mainz - 1 K 467/19.MZ (category Article 9(2)(f) GDPR)constituted health data under Article 9(1) and Article 4(15) GDPR but the transfer was nevertheless admissible pursuant to Article 9 GDPR, as the strict requirements34 KB (5,514 words) - 15:11, 22 March 2022
- BVwG - W298 2266986 -1/20E (category Article 9(2)(f) GDPR)Paragraph 4 GDPR Art4 Z1 GDPR Art5 Paragraph 1 litc GDPR Art51 Paragraph 1 GDPR Art57 Paragraph 1 litf GDPR Art6 Paragraph 1 litf GDPR Art77 GDPR Art9 B-VG Art63 KB (10,365 words) - 12:54, 31 January 2024
- Article 6 GDPR (category GDPR Articles) (section Tension with Article 5 and 12 GDPR in case of routine reliance on Article 6(4) GDPR)possible "legitimate interest" under Article 6(1)(f) GDPR. Equally to Article 6(1)(c) GDPR, Article 6(2) and (3) GDPR require that Union or Member State108 KB (17,005 words) - 15:39, 18 March 2024
- Datatilsynet (Denmark) - 2021-31-4751 (category Article 9(2)(f) GDPR)has specifically been Article 6 (1) of the Data Protection Regulation. Article 9 (1) (f) and Article 9 (1) 2, letter f, as TV 2 has "transferred" personal105 KB (17,427 words) - 18:19, 16 February 2022
- consent under Article 6(4) GDPR and further processing for a compatible purpose under Article 6(4) GDPR. See the commentary on Article 6(4) GDPR for details51 KB (6,355 words) - 08:25, 18 April 2024
- reliance on Article 6(1)(f) GDPR or at least exercise the right to object under Article 21 GDPR. If the legal basis is Article 6(1)(f) GDPR (i.e. 'legitimate71 KB (9,532 words) - 13:30, 6 March 2024
- categories of data established in Article 9(2)(a) GDPR, Article 9(2)(c) GDPR, Article 9(2)(g) GDPR and Article 9(2)(i) GDPR directly correlate with a specific44 KB (5,905 words) - 14:00, 24 October 2023
- application, see Article 3(2)(b) GDPR, or automated decision making, see Article 22 GDPR. Profiling also triggers information duties under Articles 13(2)(f) and 14(2)(g)125 KB (16,328 words) - 16:01, 8 March 2024
- Article 15 GDPR (category GDPR Articles) (section Additional information under Article 15(1)(a) to (h))decision". Similar to the ex-ante information in Article 13(2)(f) and 14(2)(f) GDPR, Article 15(2) GDPR requires that in case the controller transfers data73 KB (9,896 words) - 15:46, 18 March 2024
- Article 83 GDPR (category GDPR Articles) (section (6) Non-compliance with orders pursuant to Article 58(2) GDPR)flows by the SA pursuant to Article 58(2) GDPR or failure to provide access in violation of Article 58(1) GDPR. Article 83(6) GDPR is a superfluous provision55 KB (7,622 words) - 14:04, 7 November 2023
- Article 58 GDPR (category GDPR Articles) (section (f) Obtain access to premises including equipment and means)access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction (Article 18 GDPR), notification (Article 19 GDPR) or data46 KB (5,825 words) - 11:12, 7 November 2023
- VG Ansbach - AN 14 K 19.01274 (category Article 77 GDPR)court can be regarded as necessary within the meaning of Article 6 (1) (f) and Article 9 (2) (f) GDPR. Nor are there any overriding interests or rights and35 KB (5,807 words) - 14:24, 12 October 2022
- with Article 13, Article 14 GDPR gives expression to the principle of transparency enshrined in Article 5(1)(a) GDPR and further defined in Article 12 GDPR47 KB (5,644 words) - 17:49, 5 March 2024
- from Articles 13(2)(b) and 14(2)(c) GDPR. However, Article 21(4) GDPR specifies that the right to object under Article 21(1) and 21(2) GDPR (i.e. the right49 KB (5,993 words) - 06:22, 16 June 2023
- Article 57 GDPR (category GDPR Articles) (section (a) Monitor and enforce the application of the GDPR)commentary to Article 60 GDPR, Article 61 GDPR, Article 62 GDPR, Article 63 GDPR, Article 64 GDPR, Article 65 GDPR, Article 66 GDPR and Article 56 GDPR. The SA60 KB (7,796 words) - 20:12, 1 April 2024
- mechanism referred to in Article 63 GDPR (Article 28(8) GDPR). The Commission has made use of its power under Article 28(7) GDPR and published standard contractual72 KB (9,140 words) - 13:12, 2 June 2023
- access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction of processing (Article 18 GDPR), notification obligation44 KB (4,896 words) - 06:25, 16 June 2023
- Article 32 GDPR (category GDPR Articles) (section (2) Certain risks must always be taken into account)non-material damage. Article 32(1) GDPR reflects the principle of integrity and confidentiality enshrined in Article 5(1)(f) GDPR. The controller and the41 KB (5,197 words) - 12:17, 17 April 2024
- requirements of data minimization (Article 5(1)(c) GDPR) and storage limitation (Article 5(1)(e) GDPR). Under Article 30(1)(f) GDPR, where possible, the controller31 KB (3,327 words) - 15:31, 5 June 2023
- compliance with the GDPR under Article 58(2)(d) GDPR or even ban it under Article 58(2)(f) GDPR. Therefore, complaints under Article 77 GDPR should extend to33 KB (3,641 words) - 09:51, 19 March 2024
- Article 49 GDPR (category GDPR Articles) (section (f) Necessary to Protect Vital Interests of the Data Subject or Others, Where Physically or Legally Incapable of Giving Consent)Regulation (GDPR): A Commentary, Article 49 GDPR, p. 846 (Oxford University Press 2020). EDPB, ‘Guidelines 2/2018 on derogations of Article 49 under Regulation29 KB (3,500 words) - 08:54, 27 March 2023
- leeway exists only in cases of Article 64(2) GDPR but not the context of Article 70(2) GDPR. According to Article 70(3) GDPR, the EDPB is obligated to “forward27 KB (3,038 words) - 12:19, 11 October 2023
- Article 46 GDPR (category GDPR Articles) (section (c) Standard data protection clauses adopted by the Commission under Article 93(2))access (Article 15 GDPR), rectification (Article 16 GDPR), deletion (Article 17 GDPR), restriction of processing (Article 18 GDPR), objection (Article 21 GDPR)34 KB (3,646 words) - 08:53, 27 March 2023
- Article 54 GDPR (category GDPR Articles) (section (f) Rules on members' occupation, prohibitions, incompatible actions and benefits)provided for in Article 52(3) GDPR and Articles 53(3) and 53(4) GDPR. For more information on SA members and staff, please refer to Article 52(2) GDPR (SA members)34 KB (3,649 words) - 13:19, 30 October 2023
- must also be involved in the drafting of the DPIA under Article 35(2) GDPR and Article 39(1)(c) GDPR, and their advice should be recorded by the controller52 KB (7,297 words) - 08:05, 18 July 2023
- Persónuvernd (Island) - Mál nr. 2022050993 (category Article 9(2)(h) GDPR)as health data under Article 9 GDPR. The DPA decided that the controller could rely on the exemption outlined in Article 9(2)(h) GDPR. The DPA could have30 KB (4,852 words) - 08:56, 30 January 2024
- Article 44 GDPR (category GDPR Articles)important to note that Article 13(1)(f) GDPR, Article 14(1)(f) GDPR, Article 15(1)(c) GDPR and Article 15(2) GDPR, make specific reference to transfers of personal21 KB (1,831 words) - 08:51, 27 March 2023
- Article 90 GDPR (category Article 90 GDPR) (section (2) Notification of national implementation to the Commission)accordance with Article 58(1) GDPR. Article 90 GDPR was drafted with a view to regulate potential conflicts between the application of the GDPR on the one hand18 KB (1,599 words) - 12:26, 29 April 2022
- and jurisdiction provisions (Articles 47(1)(b), 47(2)(d), 47(2)(e), 47(2)(g), 47(2)(i), 47(2)(l) GDPR); a duty for the EU BCR member to accept responsibility29 KB (2,823 words) - 15:15, 28 April 2022
- Article 75 GDPR (category Article 75 GDPR) (section (2) Exclusive Performance of Tasks under the Instructions of the Chair)Protection Regulation (GDPR), Article 75 GDPR, p. 1105 (Oxford University Press 2020). Dix, in Kühling, Buchner, DS-GVO BDSG, Article 75 GDPR, margin number 620 KB (1,347 words) - 14:21, 17 October 2023
- VG Ansbach - 14 K 19.01274 (category Article 77 GDPR)court can be regarded as necessary within the meaning of Article 6 (1) (f) and Article 9 (2) (f) GDPR. It would also not conflict with any overriding interests33 KB (5,554 words) - 11:06, 19 November 2021
- Article 33 GDPR (category GDPR Articles) (section (2) Processor's notification in the event of a personal data breach)the controller under Article 33(2) GDPR." See, EDPB, Guidelines 9/2022 on personal data breach notification under GDPR (Version 2.0), 28 March 2023, p54 KB (6,536 words) - 08:22, 16 June 2023
- Article 34 GDPR (category GDPR Articles) (section (2) Minimal requirements of the controller's communication to the data subject)meaning Recital 86 GDPR). However, Article 34 GDPR does not provide a specific deadline of 72 hours as is the case in Article 33 GDPR. Instead, timelines37 KB (3,962 words) - 15:20, 16 June 2023
- processing (Article 36(3)(c) GDPR); the contact details of the Data Protection Officer (DPO) (Article 36(3)(d) GDPR); a copy of the DPIA (Article 36(3)(e)31 KB (3,646 words) - 08:51, 21 July 2023
- point (d) of Article 46(2) and in Article 28(8); (e) aims to authorise contractual clauses referred to in point (a) of Article 46(3); or (f) aims to approve23 KB (2,079 words) - 16:07, 2 November 2023
- Article 78 GDPR (category GDPR Articles) (section (2) Right to judicial remedy against DPA inactivity)or infringes the GDPR or any other applicable laws, including national ones. See commentary under Article 77 GDPR. Article 78(1) GDPR establishes both30 KB (3,874 words) - 10:46, 7 December 2023
- to in Article 61(6) GDPR. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 93(2) GDPR. → You24 KB (2,181 words) - 11:46, 15 January 2024
- the application of the GDPR. You can find further details about the territorial scope in Article 3 GDPR. According to Article 1(2), the Regulation generally28 KB (3,831 words) - 16:21, 14 March 2024
- Article 12 GDPR (category GDPR Articles) (section (2) Facilitation of the exercise of rights and identification)are dealt with in Article 12(6) GDPR. It is unclear why Article 12(2) GDPR refers to Articles 15 to 22 GDPR, while Article 11(2) GDPR only refers to Articles76 KB (11,304 words) - 08:37, 4 March 2024
- Article 42 GDPR (category GDPR Articles) (section (2) Demonstrating safeguards through data protection certification mechanisms, seals or marks)difference between Article 42(1) GDPR and Article 42(2) GDPR is that in the former, the applicant for certification is subject to the GDPR, while in latter27 KB (2,452 words) - 14:26, 28 July 2023
- number 9 (C.H. Beck, 2018, 2nd edition). We refer, in that respect, to the Commentary on Article 2(2)(c) GDPR. Spiecker et al., GDPR Article-by-Article Commentary33 KB (3,748 words) - 14:25, 7 November 2023
- falls outside the scope of Article 57 GDPR should be deemed inadmissible for the purposes of Article 31 GDPR. Article 31 GDPR can be read as a supporting22 KB (2,042 words) - 14:29, 20 November 2023
- requirements. Although Article 40(5) GDPR mentions that the competent DPA will be determined through the application of Article 55 GDPR, the GDPR does not provide44 KB (5,008 words) - 14:50, 28 July 2023
- Article 18 GDPR (category GDPR Articles) (section (d) Objection to processing under Article 21(1) GDPR)contrast to Article 23(1)(e) GDPR, which sets out strict requirements for the Union or Member State's law restricting GDPR rights, Article 18(2) GDPR does not32 KB (3,730 words) - 08:43, 7 March 2024
- Article 53 GDPR (category GDPR Articles) (section (2) Qualification, experience and skills of the member(s))occupation. For example, Article 52(2) GDPR requires SA members to remain free from external influence and Article 52(3) GDPR entails a prohibition of29 KB (2,894 words) - 23:06, 1 April 2024
- Article 20 GDPR (category GDPR Articles) (section (2) Right to have personal data directly transmitted to another controller)consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1); and (b) the processing is40 KB (5,349 words) - 07:05, 1 June 2023
- the non-binding Recitals of the GDPR. Example: There was agreement that legitimate interests under Article 6(1)(f) GDPR would need further definitions,48 KB (5,978 words) - 15:57, 1 February 2024
- information as outlined in Articles 13 and 14 of the GDPR (see above). Article 26(2) of the GDPR emphasizes the significance of these specific obligations37 KB (3,915 words) - 12:49, 24 May 2023
- laid down in Article 57 GDPR. The powers of SAs are both investigative and corrective, which are set out in Article 58 GDPR. Article 52(2) GDPR requires two47 KB (5,594 words) - 22:45, 1 April 2024
- Garante per la protezione dei dati personali (Italy) (section Complaints Procedure under Art 77 GDPR)reference, see Article 143 of the Code). However, detailed time-limits can be found in Regolamento n. 2/2019 cited above. Under Article 154 of the Code7 KB (808 words) - 08:17, 16 February 2023
- formation, meaning one president and five others elected members, pursuant to Article 9 of the Law "Informatique et Libertés". The CNIL's internal rules indicate8 KB (824 words) - 22:52, 27 February 2024
- DSB (Austria) - 2021-0.586.257 (category Article 4(2) GDPR)website controller qualifies as controller (Article 4(7) GDPR) and Google LLC as processor (Article 4(8) GDPR) for data processing in connection with Google108 KB (17,097 words) - 13:52, 12 May 2023
- Datatilsynet (Norway) - 20/02136 (category Article 3(2) GDPR) (section Special categories of data under Article 9 GDPR)trigger Article 9, irrespective of how the data is further processed by the data controllers the data was disclosed to. The exception under Article 9(2) is18 KB (2,375 words) - 16:17, 6 December 2023
- at/dam/jcr:ee7b155a-0a1f-4d00-98e9-902314c7022d/Datenschutzbericht%202022.pdf Report: Europe’s governments are failing the GDPR by Brave, page 6 - https://brave11 KB (1,468 words) - 13:27, 14 May 2023
- Norges Høyesterett - 2021-2403-A (category Article 9(2)(a) GDPR)other two conditions of Article 6 (1) (f) of the GDPR are not met. (26) The second condition of Article 6 (1) (f) of the GDPR is that the processing of46 KB (7,024 words) - 06:18, 6 March 2022
- CJEU - Joined Cases C‑26/22 and C‑64/22 - SCHUFA (category Article 6(1) GDPR)interests under Article 6(1)(f) GDPR. On the erasure obligations under Article 17 GDPR, the CJEU held that under Article 17(1)(d) GDPR SCHUFA will be under15 KB (2,180 words) - 08:23, 13 December 2023
- Datatilsynet (Denmark) - 2020-431-0061 (Helsingor decision no. 3) (category Article 58(2)(f) GDPR)regulation[1] article 5, subsection 2, cf. Article 5, subsection 1, letters c and f, and Article 5, subsection 1, letter a, cf. Article 6, subsection 1117 KB (18,075 words) - 10:19, 12 September 2022
- Personvernnemnda (Norway) - 2018-14 (15/01355) (category Article 9(2)(a) GDPR)that the Medical List does today, cf. GDPR Article 4, No. 11, Article 6 No. 1 letter a, Article 7 and Article 9 No. 2 letter a If current practice is invalid144 KB (23,058 words) - 18:48, 5 March 2022
- BVwG - W258 2217446-1 (category Article 9(2) GDPR)personal data under Article 9(1) GDPR. Their processing would require the data subjects' explicit consent under Article 9(2)(a) GDPR and § 151(4) GewO,79 KB (12,652 words) - 09:41, 10 September 2021
- meaning of Article 6(1)(f) of the GDPR must already be known in order for a balancing of interests within the meaning of Article 6(1)(f) of the GDPR to be possible51 KB (8,215 words) - 09:55, 13 May 2022
- CJEU - C-252/21 - Meta Platforms and Others v Bundeskartellamt (category Article 9 GDPR)pursued by Meta pursuant to Article 6(1)(f) GDPR. Lastly, the CJEU noted that the fact that Article 6(1)(a) and Article 9(2)(a) GDPR must be interpreted as8 KB (1,231 words) - 08:22, 6 July 2023
- CJEU - C-667/21 - Krankenversicherung Nordrhein (category Article 9(2)(h) GDPR)processing of data concerning health laid down in Article 9(1) GDPR is possible under Article 9(2)(h) GDPR) in a case such as the present one, are there further14 KB (1,916 words) - 16:03, 2 February 2024
- Datatilsynet (Norway) - 15/01355 (category Article 9(2)(a) GDPR)Supervision: Article 6(1)(f), legitimate interest. For the special category personal data: About diagnosis: Article 6(1)(a), cf. Article 9(2)(a), consent16 KB (2,111 words) - 06:21, 6 March 2022
- Datatilsynet (Denmark) - 2020-431-0061 (Helsingor decision no. 2) (category Article 5(2) GDPR)pursuant to Article 5(2) GDPR in conjunction with Article 5(1)(a) GDPR. Failure to demonstrate that processing is performed in accordance with the GDPR The DPA75 KB (11,733 words) - 16:33, 21 August 2022
- Garante per la protezione dei dati personali (Italy) - 9852214 (category Article 58(2)(f) GDPR)in particular of children was in breach of Article 5, Article 6, Article 8, Article 9, and Article 25 GDPR. Consequently, the DPA urgently imposed upon36 KB (5,598 words) - 10:15, 8 February 2023
- Hoge Raad - 21/00241 (category Article 6(1)(f) GDPR)assessed in accordance with the provisions of Article 6(1)(c), Article 6(1)(f) GDPR, or both provisions? 2. Does the answer to Question 1 mean: a)29 KB (4,605 words) - 17:00, 15 December 2021
- AEPD (Spain) - PS/00451/2019 (category Article 6(1)(f) GDPR)regard to article 83.2 (k) of the RGPD, the LOPDGDD, article 76, "Sanctions and corrective measures", provides: "2. In accordance with Article 83(2)(k) of26 KB (4,231 words) - 14:44, 13 December 2023
- artistic or literary purposes, only Article 24, Article 26, Article 28, Article 29, Article 32, and Article 40- Article 43 applies, following § 3. Special8 KB (1,064 words) - 12:53, 23 June 2023
- AEPD (Spain) - EXP202201746 (category Article 5(1)(f) GDPR)these facts: one for the violation of article 5.1.f) RGPD, and another for article 32 GDPR. x Article 58.2 of the GDPR provides the following: “Each supervisory62 KB (9,703 words) - 13:05, 13 December 2023
- OGH - 6Ob35/21x (category Article 9(1) GDPR)personal data under Article 9 GDPR. The OGH agreed with the BVwG's reasoning in W258 2217446-1 and held that that the purpose of Article 9 GDPR is to protect27 KB (4,090 words) - 09:54, 10 September 2021
- AEPD (Spain) - PS/00240/2019 (category Article 5(1)(b) GDPR)Therefore, given that Article 6(1), Article 5(1)(a), Article 5(1)(d), Article 5(1)(c), and Article 14 GDPR were infringed in connection to Article 5(1)(b), the602 KB (102,229 words) - 14:21, 13 December 2023
- AEPD (Spain) - EXP202100764 (category Article 5(1)(f) GDPR)III Article 5.1.f) of the GDPR Article 5.1.f) “Principles relating to processing” of the GDPR establishes: "1. The personal data will be: (…) f) treated34 KB (5,184 words) - 13:22, 13 December 2023
- Datatilsynet (Norway) - 20/01790 (category Article 6(1)(f) GDPR)treatment in Article 6 (1) (f) which is the most obvious. We point to that The Privacy Board has assumed that Article 6, paragraph 1, letter f is a relevant49 KB (7,646 words) - 07:56, 7 March 2022
- Personvernnemnda (Norway) - 2021-03 (category Article 5(2) GDPR)Ordinance Article 6 No. 1 letter f, for failure to assess protests, cf. Article 21, and for lack of information, cf. Article 13. 2. Pursuant to Article 58 (2)25 KB (4,046 words) - 18:37, 5 March 2022
- Garante per la protezione dei dati personali (Italy) - 9860529 (category Article 9 GDPR)right to privacy. Health data are sensitive data covered by Article 9 GDPR. According to Article 137 of the Italian Data Protection Code, health data can16 KB (2,354 words) - 15:45, 6 December 2023
- DSB (Austria) - D124.1177/0006-DSB/2019 (category Article 9(2)(j) GDPR) (section Article 17(1)(d) GDPR)Articles 5(1)(b) and (e), 9(2)(j), 89(1) GDPR and Section 7(1)(1) and (2)(1) GDPR. In particular, it follows from Article 9(2)(j) GDPR that the processing of31 KB (4,648 words) - 13:56, 12 May 2023
- AEPD (Spain) - EXP202105680 (category Article 9 GDPR)person.” Article 9.2 of the GDPR however means that: “Section 1 will not apply when one of the following circumstances occurs:” which cover article 9.2.a) to66 KB (10,558 words) - 13:14, 13 December 2023
- Datatilsynet (Norway) - 21/03530 (category Article 58(2)(f) GDPR)by the EDPB pursuant to Article 66(2) GDPR. Temporary ban on processing (order) Pursuant to Article 66(1) GDPR and 58(2)(f) GDPR the Norwegian DPA consequently99 KB (14,431 words) - 16:20, 6 December 2023
- APD/GBA (Belgium) - 06/2019 (category Article 58(2)(i) GDPR)c), Article 6.1., Article 13.1. c), Article 13.1. c), Article 13.1. e) and Article 13.2. a) of the DGPS pursuant to Article 101 of the ICA, to impose20 KB (3,137 words) - 16:51, 12 December 2023
- VGH Baden-Württemberg - 1 S 397/19 (category Article 18(2) GDPR)force: "According to Article 16 sentence 1 GDPR, every data subject has the right to request the controller (see Article 4(7) GDPR) to correct incorrect112 KB (19,310 words) - 08:08, 23 June 2022
- unclear if this national determination of Article 6(1)(f) GDPR is compatible with the GDPR. Many other GDPR provisions were introduced in the sector-specific8 KB (721 words) - 09:32, 24 April 2024
- APD/GBA (Belgium) - 149/2023 (category Article 13(2) GDPR)of article 4.19 of the GDPR – (article 13.1. c) of the GDPR) and does not mention the data retention periods personal data processed (article 13.2. a)113 KB (17,325 words) - 08:50, 19 March 2024
- APD/GBA (Belgium) - 21/2022 (category Article 5(1)(f) GDPR) (section Accountability (Article 24 GDPR), data protection by design and by default (Article 25 GDPR), integrity and confidentiality (Article 5(1)(f) GDPR), as well as security of processing (Article 32 GDPR))current version of the TCF violates Article 5(1)(f) GDPR. Processing of special categories of personal data - Article 9 GDPR The DPA held that although its429 KB (58,279 words) - 09:12, 2 November 2022
- Datatilsynet (Norway) - 20/02375 (category Article 6(1)(f) GDPR)rating, breaching Article 6(1) GDPR, and required the company to implement a policy for conducting credit ratings per Article 24 GDPR. A person lodged a40 KB (5,943 words) - 18:54, 5 March 2022
- AEPD (Spain) - PS/00001/2021 (category Article 5(1)(f) GDPR)for the violation of Article 5(1)(f) GDPR and Article 5(2) GDPR. The AEPD considered that the fine was proportional, since the GDPR establishes that fines270 KB (43,335 words) - 12:39, 13 December 2023
- CNIL (France) - SAN-2020-012 (category Article 4(7) GDPR)the fine, the criteria specified in the same article 83. 111. Article 83 of the GDPR, as referred to in Article 20, paragraph III, of the Data Protection93 KB (14,936 words) - 17:09, 6 December 2023
- CNIL (France) - SAN-2022-019 (category Article 3(2) GDPR)did not react either. GDPR applicable? (Article 3(2) GDPR) The DPA held that the GDPR was applicable pursuant of Article 3(2) GDPR. Because the controller11 KB (1,452 words) - 17:03, 6 December 2023