Search results
From GDPRhub
- ANSPDCP (Romania) - Banca Comercială Română S.A. (category Article 32(1) GDPR)regarding the security of processing, respectively art. 32 para. (4) in conjunction with art. 32 para. (1) and para. (2) of the General Data Protection Regulation4 KB (422 words) - 15:16, 13 December 2023
- Datatilsynet (Norway) - 20/02137 (category Article 32(1) GDPR)Norge violated Article 33 GDPR by failing to notify the Datatilsynet of the data breach? Had Telenor Norge violated Article 32(1) GDPR by failing to implement5 KB (684 words) - 08:06, 7 May 2022
- ANSPDCP (Romania) - Sanatatea Press Group S.R.L. (category Article 32(1) GDPR)that the controller had breached its obligations under Articles 5(1)(f), as well as 32(1) and (2). As a consequence, the ANSPDCP issued an administrative4 KB (422 words) - 15:20, 13 December 2023
- Datatilsynet (Denmark) - 2021-431-0138 (category Article 32(1) GDPR)there was a personal data breach pursuant to Article 4(12) GDPR. Moreover, it stated that Article 32(1) GDPR obliges controllers to take appropriate technical16 KB (2,496 words) - 15:23, 24 March 2022
- Commissioner (Cyprus) - 11.17.001.007.251 (category Article 32(1)(b) GDPR)reason, claimed that she shall receive the medical report under the veil of GDPR. The Cypriot Office of the Commissioner for Personal Data Protection disagreed4 KB (448 words) - 16:52, 6 December 2023
- AZOP (Croatia) - Decision 08-03-2022 (supermarket chain) (category Article 32(1)(b) GDPR)concluded that the controller violated Article 32(1)(b), Article 32(1)(d), Article 32(2), and Article 32(4) GDPR. Therefore, the DPA decided to impose a6 KB (730 words) - 15:49, 30 October 2023
- DPC - Health Service Executive (IN-19-9-2) (category Article 32(1) GDPR)garden. The decision found that the HSE infringed Articles 5(1)(f) and 32(1) of the GDPR by failing to implement appropriate technical and organisational3 KB (240 words) - 09:18, 3 March 2021
- Datatilsynet (Denmark) - 2021-442-12425 (category Article 32(1) GDPR)in accordance with the rules in the Data Protection Regulation [1], Article 32 (1). 1. Below is a more detailed review of the case and a justification15 KB (2,304 words) - 15:24, 24 March 2022
- AZOP (Croatia) - Decision 05-07-2021 (category Article 32(1)(b) GDPR)activities further violated Article 32(1)(b) and (d) GDPR. Accordingly, the DPA, in accordance with its powers under Article 58 (2) GDPR, imposed an administrative5 KB (599 words) - 15:38, 30 October 2023
- ANSDPCP (Romania) - Raiffeisen Bank S.A. and Vreau Credit S.R.L. (category Article 32(1) GDPR)provisions of Article 32 paragraph (4) in conjunction with Article 32 paragraph (1) and paragraph (2) of the GDPR, as well as of Article 33 paragraph (1) of the5 KB (568 words) - 15:10, 13 December 2023
- Commissioner (Cyprus) - Α/Π 68/2017 (category Article 32(1)(d) GDPR)that Cyprus Police was responsible for a violation of Article 32 par.1(b) & (d) and par.(4) GDPR, as a result of the acts and/or omissions of the Police6 KB (649 words) - 16:51, 6 December 2023
- ANSPDCP (Romania) - Fine against Proleasing Motors SRL (category Article 32(1) GDPR)Romanian DPA (ANSPDCP) fined leasing company €15,000 for violation of Article 32(1) and (2) GDPR after investigating a data breach reported by the company, where6 KB (732 words) - 15:17, 13 December 2023
- AEPD (Spain) - E/03003/2020 (category Article 32(1) GDPR)this data breach a violation of Article 32(1) GDPR? The AEPD concluded that there was no violation of Article 32(1) GDPR, because the company had implemented21 KB (3,039 words) - 13:39, 13 December 2023
- AZOP (Croatia) - Decision 21-07-2022 (A1 telecommunications) (category Article 32(1)(b) GDPR)€283,000). It held that the controller violated Articles 25(1), 32(1)(b), 32(1)(d) and 32(2) GDPR by not taking appropriate technical and organizational security7 KB (855 words) - 15:30, 30 October 2023
- ANSPDCP (Romania) - Fine against Banca Transilvania SA (category Article 32(1) GDPR)violated Article 5(1)(f) GDPR and proved the ineffectivness of the controller's employee compliance training, in violation of Article 32 GDPR. The DPA7 KB (845 words) - 15:17, 13 December 2023
- VDAI - VDAI vs VĮ Registrų centras (category Article 32(1)(b) GDPR)SE Register Center 15 thousand. A fine of EUR 1 million was imposed for infringements of Article 32 (1) (b) and (c) of the BDAR, ie failure to ensure8 KB (999 words) - 09:16, 17 November 2023
- IMY (Sweden) - DI-2021-4355 (category Article 32(1) GDPR)6 November 2020, has processed personal data in violation of Article 32(1) 1 of the GDPR by sending sensitive personal data to the complainant in an e-mail28 KB (3,101 words) - 09:49, 7 June 2023
- AEPD (Spain) - PS/00054/2021 (category Article 32(1) GDPR)infringement of article 32.1 of the RGPD, typified in article 83.4.a) of the RGPD, a fine of € 3,000 (three thousand euros), in accordance with article 73.g) of27 KB (3,993 words) - 13:52, 13 December 2023
- AP (The Netherlands) - 19.01.2023 (category Article 32(1) GDPR)assessed if it ensured an appropriate level of security under Articles 32(1) and 32(2) GDPR. The DPA held that the controller did not make a proper risk assessment10 KB (1,351 words) - 17:05, 12 December 2023
- VDAI (Lithuania) - VDAI vs UAB Prime Leasing (category Article 32(1)(a) GDPR)data. Hence, it considered Article 32(1)(a), Article 32(1)(b), Article 32(1)(d) GDPR to be breached. Pursuant to Article 82(2) GDPR, the DPA took several aggravating37 KB (4,319 words) - 09:20, 17 November 2023