Search results
From GDPRhub
- VSL - VSL Sodba PRp 345/2019 (category Article 6(1)(c) GDPR)91/1, 91 / 1-1, 91/2. ZP-1 Article 2, 2/2, 136, 136/1, 136 / 1-1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 201615 KB (2,332 words) - 08:39, 1 September 2020
- Article 4 GDPR (section (1) Personal data)here). More precise, Article 13(1)(e) GDPR, Article 14(1)(e) GDPR, Article 15(1)(c) GDPR. Klabunde, in Ehmann, Selmayr, DS-GVO, Article 4 GDPR, margin number125 KB (16,328 words) - 16:01, 8 March 2024
- Article 5 GDPR (section (1) Principles)principles in Article 5 of Convention 108 from 1981. Following this tradition, Article 5 GDPR is also largely consistent with Article 6(1) of the previous51 KB (6,355 words) - 08:25, 18 April 2024
- assess a possible "legitimate interest" under Article 6(1)(f) GDPR. Equally to Article 6(1)(c) GDPR, Article 6(2) and (3) GDPR require that Union or Member108 KB (17,005 words) - 15:39, 18 March 2024
- Article 9 GDPR (section (1) General prohibition of processing of special categories of personal data)requirements from Article 9(2) and Article 9 (3) GDPR, but will also require an additional concomitant legal basis contained in Article 6(1) GDPR. However44 KB (5,905 words) - 14:00, 24 October 2023
- Article 83 GDPR (section (1) Administrative fine)proportionality, enshrined in EU primary law in Article 5(4) TEU and Article 52(1)(2) CFR, is also reflected in Article 83(1) GDPR. In general, a measure is proportionate55 KB (7,622 words) - 14:04, 7 November 2023
- Article 23 GDPR (section (1) Restrictions)make contact with him' (BVerwG, NJW 2006, 3367ff.)”. Article 1(1) in conjunction with Article 2(1) Directive (EU) 2016/680 of the European Parliament and44 KB (4,896 words) - 06:25, 16 June 2023
- Article 35 GDPR (section (1) Mandatory DPIA)purpose(s) (Article 5(1)(b)); lawfulness of processing (Article 6); adequate, relevant and limited to what is necessary data (Article 5(1)(c)); limited52 KB (7,297 words) - 08:05, 18 July 2023
- Article 28 GDPR (section (1) Processor)and controllers. If Article 28 GDPR did not intend any privilege, the rules of Article 28 GDPR, and in particular of Article 28(10) GDPR, would be superfluous72 KB (9,140 words) - 13:12, 2 June 2023
- Article 25 GDPR (section (1) Data protection by design)individual rights. These criteria have the same meaning as in Article 24(1) and Article 32(1). The "nature" of the processing consists of its “the inherent43 KB (4,675 words) - 06:43, 16 June 2023
- dispute resolution mechanism under Article 65 GDPR in connection with Article 63 GDPR is triggered (Article 60 (4) GDPR). Article 60(2) GDPR clarifies that also35 KB (4,017 words) - 16:04, 18 March 2024
- Commentary, Article 10 GDPR, p. 388 (Oxford University Press, Oxford, 2020). Schiff, in Ehmann, Selmayr, Datenschutz-Grundverordnung, Article 10 GDPR, margin17 KB (1,768 words) - 15:41, 18 March 2024
- the reliance on Article 6(1)(f) GDPR or at least exercise the right to object under Article 21 GDPR. If the legal basis is Article 6(1)(f) GDPR (i.e. 'legitimate71 KB (9,532 words) - 13:30, 6 March 2024
- further details see Article 14(1)(d) GDPR. Similar to the ex-ante information in Article 13(1)(e) and 14(1)(e) GDPR, Article 15(1)(c) GDPR requires the73 KB (9,896 words) - 15:46, 18 March 2024
- VSL - VSL00035084 (category Article 6(1)(c) GDPR)91/1, 91 / 1-1, 91/2. ZP-1 Article 2, 2/2, 136, 136/1, 136 / 1-1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 201615 KB (2,384 words) - 14:38, 13 August 2020
- protection of personal data in Greece is constitutionally established in Article 9A of the Greek Constitution. You can help us filling this section! As an23 KB (2,039 words) - 08:15, 25 April 2024
- Article 58 GDPR (section (1) Investigative powers)to access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction (Article 18 GDPR), notification (Article 19 GDPR) or46 KB (5,825 words) - 11:12, 7 November 2023
- draw up. Indeed, the wording of Article 40(1) establishes that they “shall encourage” this (emphasis added). Article 40(1) GDPR clarifies that codes of conduct44 KB (5,008 words) - 14:50, 28 July 2023
- GDPR (Article 31 GDPR). Direct liability of the representative is limited to the obligations set out in Article 30 and Article 58(1)(a) GDPR. Article 27(5)25 KB (2,418 words) - 14:11, 24 May 2023
- remedies. CJEU: The CJEU has clarified in C-132/21 that "Article 77(1), Article 78(1) and Article 79(1) of Regulation (EU) 2016/679 [...] must be interpreted33 KB (3,641 words) - 09:51, 19 March 2024
- Article 24 GDPR (category Article 24 GDPR) (section (1) Appropriate technical and organisational measures)(e.g. Article 25 (1) and (2), Article 28(1), Article 32(1) GDPR, Article 89(1) GDPR). These measures can also be regarded as measures under Article 24(1)30 KB (3,458 words) - 10:31, 25 April 2024
- surveillance cameras, it was therefore in breach of Article 37(1)(b) GDPR by not having a DPO. Article 37(1) GDPR specifies three conditions in which the designation43 KB (4,904 words) - 12:59, 21 July 2023
- Article 2 GDPR (section (1) Material scope)the elements in Article 2(1) are fulfilled, the GDPR applies unless the processing falls under one of the exemptions named in Article 2(2)(a) to (d) GDPR34 KB (4,652 words) - 12:07, 12 November 2023
- requirements of data minimization (Article 5(1)(c) GDPR) and storage limitation (Article 5(1)(e) GDPR). Under Article 30(1)(f) GDPR, where possible, the controller31 KB (3,327 words) - 15:31, 5 June 2023
- May 2020 (Version 1.1), p. 10 (available here). EDPB, ‘Guidelines 05/2020 on consent under Regulation 2016/679’, 4 May 2020 (Version 1.1), p. 12 (available31 KB (3,489 words) - 16:00, 8 March 2024
- Article 1 GDPR (section (1) Subject-matter)is a fundamental right. Article 8(1) of the Charter of Fundamental Rights of the European Union (the ‘Charter’) and Article 16(1) of the Treaty on the Functioning28 KB (3,831 words) - 16:21, 14 March 2024
- Category:Article 75 GDPR Dix, in Kühling, Buchner, DS-GVO BDSG, Article 75 GDPR, margin number 1 (C.H. Beck 2020, 3rd edition). Case C-614/10, Commission20 KB (1,347 words) - 14:21, 17 October 2023
- Category:Article 31 GDPR Hartung, in Kühling, Buchner, DS-GVO BDSG, Article 31 GDPR, margin numbers 1-4 (Beck 2020, 3rd edition). For instance, Article 58(1)(f)22 KB (2,042 words) - 14:29, 20 November 2023
- Article 85 GDPR (category Article 85 GDPR) (section (1) Reconciling data protection rules with freedom of expression)number 99. Spiecker et al., GDPR Article-by-Article Commentary (2023), p 1075. Spiecker et al., GDPR Article-by-Article Commentary (2023), p 1074. For example33 KB (3,748 words) - 14:25, 7 November 2023
- material or non-material damage. Article 32(1) GDPR reflects the principle of integrity and confidentiality enshrined in Article 5(1)(f) GDPR. The controller and41 KB (5,197 words) - 12:17, 17 April 2024
- specific rules. Article 82 GDPR introduces a right to compensation for damage caused as a result of an infringement of the GDPR. Article 82(1) contains the33 KB (4,215 words) - 09:57, 19 March 2024
- Article 81 GDPR (section Scope of Article 81 GDPR)defined by Article 4(2) GDPR), because Article 81(1) GDPR explicitly refers to 'processing by the same controller or processor'. As a result, the Article does27 KB (2,619 words) - 14:52, 16 November 2023
- adoption of a final decision that can be challenged under Article 78(1) GDPR. Again, Article 57(1)(f) GDPR is instructive regarding the SA's obligation "[to30 KB (3,874 words) - 10:46, 7 December 2023
- concerning the interpretation of Article 28(1) of Directive 95/46/EC ("DPD"), the Regulation's predecessor. Article 28(1) DPD established the existence of47 KB (5,594 words) - 22:45, 1 April 2024
- Article 56 GDPR (section (1) Designation of the Lead Supervisory Authority (LSA) and the Cooperation Mechanism)cases (Article 4(23) GDPR), several supervisory authorities (SA) could be competent according to Article 55 GDPR. For this reason, Article 56(1) GDPR establishes55 KB (7,446 words) - 22:28, 1 April 2024
- Article 95 GDPR (category Article 95 GDPR)relationship between the GDPR and the EPD is to be found in Recital 10 and Article 1(2) EPD. Article 1(2) EPD provides that the EPD's provisions serve to "particularise20 KB (1,539 words) - 08:21, 19 October 2023
- only bring proceedings under Article 79(1) GDPR in limited circumstances of substantive violations. Instead, Article 79(1) GDPR should be read as excluding31 KB (3,550 words) - 11:11, 29 November 2023
- Article 89 GDPR (category Article 89 GDPR) (section (1) Mandatory Appropriate Safeguards for Archiving Purposes in the Public Interest, Scientific or Historical Research Purposes,...)Hence, Article 89(2) and (3) GDPR also allow for specific derogation to the GDPR for these purposes, as further detailed below. Article 89(1) GDPR provides29 KB (3,695 words) - 13:44, 21 March 2024
- information in the course of an investigation, in accordance with Article 58(1) GDPR. Article 90 GDPR was drafted with a view to regulate potential conflicts18 KB (1,599 words) - 12:26, 29 April 2022
- paragraph of Article 80 GDPR establishes several cumulative conditions for entities to qualify as NPOs. For the purposes of Article 80(1) GDPR must be26 KB (2,575 words) - 15:50, 9 November 2023
- Article 39 GDPR (section (1) DPO's Tasks)design, Article 35(2) explicitly states that the controller must "seek advice" from the DPO when undertaking a DPIA. Additionally, Article 39(1)(c) assigns23 KB (2,165 words) - 15:10, 27 July 2023
- two deputy chairs under Article 73(1) GDPR. In the case of the latter provision, the wording of which differs from Article 72(1) GDPR, has lead to the view22 KB (2,266 words) - 08:26, 17 October 2023
- Article 67 GDPR (category Article 67 GDPR)of documents within the cooperation and the consistency mechanisms”. Article 10 11(1) of the EDPB RoP require the competent SA to send the relevant documents15 KB (810 words) - 16:13, 2 November 2023
- definition of the notion of religion in general. For instance, under Article 10(1)(b) of Directive 2011/95/EU, “[t]he concept of religion shall in particular25 KB (2,482 words) - 10:04, 19 March 2024
- Article 46 GDPR (section (1) Scope)access (Article 15 GDPR), rectification (Article 16 GDPR), deletion (Article 17 GDPR), restriction of processing (Article 18 GDPR), objection (Article 21 GDPR)34 KB (3,646 words) - 08:53, 27 March 2023
- the parties concerned before the civil court (Article 152 of the Code, which makes a reference to Article 10, D.lgs. 150/11). For most data protection claims7 KB (808 words) - 08:17, 16 February 2023
- Article 99 GDPR (category Article 99 GDPR)Article 99 - Entry into force and application 1. This Regulation shall enter into force on the twentieth day following that of its publication in the Official12 KB (295 words) - 08:25, 19 October 2023
- the relevance of Article 29 GDPR were rooted in the fact that Article 28(3)(b) GDPR already seems to cover much of the scope of Article 29 GDPR. More specifically13 KB (674 words) - 13:15, 2 June 2023
- on the basis of (i) its legitimate interest (Article 6(1)(f) GDPR) or (ii) the public interest (Article 6(1)(e) GDPR). Hence, data subjects may find themselves32 KB (3,730 words) - 08:43, 7 March 2024
- on categories of data listed under Article 9(1) GDPR. There have been conflicting arguments as to whether Article 22(1) GDPR lays down a right or a general31 KB (4,768 words) - 06:24, 16 June 2023
- considered as one of the 'other administrative or non-judicial' remedies, which Article 78(2) GDPR refers to. If the DPA decides to uphold their decision, they10 KB (1,078 words) - 06:40, 26 March 2023
- legal basis than Article 6(1)(c)(e), for example based on consent or contract (Article 6(1)(b)), the same entity is subject to Article 56. This means that35 KB (3,971 words) - 21:34, 1 April 2024
- Article 86 GDPR (category Article 86 GDPR)basis of Article 6(1)(c) GDPR (i.e. processing is necessary for compliance with a legal obligation to which the controller is subject) or Article 6(1)(e) GDPR22 KB (2,177 words) - 10:01, 19 March 2024
- Article 94 GDPR (category Article 94 GDPR)Article 94 - Repeal of Directive 95/46/EC 1. Directive 95/46/EC is repealed with effect from 25 May 2018. 2. References to the repealed Directive shall13 KB (530 words) - 09:40, 3 October 2023
- Article 97 GDPR (category Article 97 GDPR)recitals for Article 97 GDPR. Article 97 GDPR imposes a "comprehensive reporting obligation" upon the Commission. The first paragraph of Article 97 GDPR sets16 KB (778 words) - 08:24, 19 October 2023
- Article 26 GDPR (section (1) Joint controllership)protection principles (Article 5), determination of the legal basis for processing (Article 6), implementation of security measures (Article 32), notification37 KB (3,915 words) - 12:49, 24 May 2023
- According to the final paragraph in Article 49(1) GDPR, when none of the derogations described above (Article 49(1)(a-g) GDPR) is applicable, transfers29 KB (3,500 words) - 08:54, 27 March 2023
- Article 96 GDPR (category Article 96 GDPR)(GDPR), Article 96 GDPR, p. 1305 (Oxford University Press 2020). Moore, in Kuner et al., The EU General Data Protection Regulation (GDPR), Article 96 GDPR13 KB (450 words) - 08:22, 19 October 2023
- Article 87 GDPR (category Article 87 GDPR)that process them. This was already the case under Article 8(7) of the DPD, the precursor of Article 87 GDPR. In many Member States, the processing of NIN15 KB (660 words) - 09:37, 1 December 2023
- Article 8 GDPR (section (1) Material scope)Article 8: Conditions applicable to child’s consent in relation to information society services 1. Where point (a) of Article 6(1) applies, in relation19 KB (1,335 words) - 13:56, 24 October 2023
- one Member State (Article 64(2) GDPR). Docksey notes that the “subject-matter is thus not limited to the matters listed in Article 64(1) and could concern15 KB (808 words) - 09:44, 17 October 2023
- point, it is important to note that Article 13(1)(f) GDPR, Article 14(1)(f) GDPR, Article 15(1)(c) GDPR and Article 15(2) GDPR, make specific reference21 KB (1,831 words) - 08:51, 27 March 2023
- deliberations of the Board's predecessor, the Article 29 Working Party (“WP29”), were wholly privileged. Under Article 11(1) of WP29's Rules of Procedure, any minutes15 KB (787 words) - 08:17, 19 October 2023
- However, Article 5(1)(d) GDPR gives the controller some leeway to continue processing inaccurate data - see more details under Article 5(1)(d) GDPR. Article23 KB (2,489 words) - 23:24, 6 March 2024
- accordance with Article 58(2) [GDPR]”. These is a reference to the information that SAs must keep in internal records according to Article 57(1)(u) GDPR. The15 KB (718 words) - 15:31, 19 October 2023
- Article 53 - General conditions for the members of the supervisory authority 1. Member States shall provide for each member of their supervisory authorities29 KB (2,894 words) - 23:06, 1 April 2024
- Article 3 GDPR (section (1) Establishment in the Union)territorial scope of the GDPR (Article 3)’, 12 November 2019 (Version 2.1), p. 16 (available here) referring to Article 1(1)(b) Directive (EU) 2015/153537 KB (4,635 words) - 13:29, 24 October 2023
- reasoned objection of a SA (Article 65(1)(a) GDPR), when there are different views on which SA is the lead SA (“LSA”) (Article 65(1)(b) GDPR), and where a SA33 KB (4,185 words) - 16:09, 2 November 2023
- restriction of processing carried out in accordance with Article 16, Article 17(1) and Article 18 to each recipient to whom the personal data have been19 KB (1,436 words) - 12:35, 12 May 2023
- rules, do not fall within the scope of this article. → You can find all related decisions in Category:Article 48 GDPR Kuner, in Kuner, Bygrave, Docksey,14 KB (716 words) - 15:19, 28 April 2022
- Article 43 GDPR (section (1-5) The certification body)to in Article 42(5) and approved by the supervisory authority which is competent pursuant to Article 55 or 56 or by the Board pursuant to Article 63; (c)22 KB (1,634 words) - 14:40, 28 July 2023
- Article 63 GDPR (category Article 63 GDPR)to in Article 46(2)(d) GDPR, contractual clauses referred to in Article 46(3)(a) GDPR, or binding corporate rules within the meaning of Article 47 GDPR15 KB (851 words) - 06:55, 29 April 2022
- implementing acts are delegated to the Commission pursuant to Article 291 TFEU, Article 93(1) GDPR provides that the Commission shall be assisted by a committee17 KB (1,096 words) - 08:19, 19 October 2023
- prejudice to requests by the Commission referred to in point (b) of Article 70(1) and in Article 70(2), the Board shall, in the performance of its tasks or the18 KB (1,327 words) - 12:36, 14 December 2023
- The authority addressed under Article 66(1)-(2) GDPR is the CSA within the meaning of Article 4(22) GDPR. In contrast, Article 66(3) refers to “any supervisory20 KB (1,590 words) - 16:11, 2 November 2023
- best practices referred to in point (l) of Article 70(1) as well as of the binding decisions referred to in Article 65. Recital 100: Establishment of Certification15 KB (1,196 words) - 08:15, 19 October 2023
- it establishes an EU-wide penalty regime for violations under Article 83 GDPR, Article 84(1) GDPR dispenses with complete harmonisation. It does, however19 KB (1,477 words) - 14:12, 7 November 2023
- exchange of knowledge between them. This way, Article 50 GDPR expands the exhortation under Article 57(1)(g) GDPR that calls for cooperation between EU17 KB (1,142 words) - 15:41, 28 April 2022
- under Article 8(1) GDPR, then the processing is unlawful and therefore the general clause under Article 17(1)(d) GDPR applies. Contrary to Article 17(1)(a)61 KB (8,488 words) - 15:47, 18 March 2024
- commentary to Article 60 GDPR, Article 61 GDPR, Article 62 GDPR, Article 63 GDPR, Article 64 GDPR, Article 65 GDPR, Article 66 GDPR and Article 56 GDPR. The60 KB (7,796 words) - 20:12, 1 April 2024
- Article 98 GDPR (category Article 98 GDPR)in accordance with Article 98'. → You can find all related decisions in Category:Article 98 GDPR The CJEU has yet to rule on Article 98 GDPR. Nonetheless15 KB (943 words) - 09:58, 8 November 2023
- codes of conduct on the basis of Article 41 of Regulation 2016/679 and of a certification body on the basis of Article 43 of Regulation 2016/679; To ensure9 KB (993 words) - 07:10, 28 July 2022
- Article 38 - Position of the data protection officer 1. The controller and the processor shall ensure that the data protection officer is involved, properly29 KB (2,951 words) - 14:19, 25 July 2023
- is not apparent why the principle laid down in Article 72(1) GDPR should be deviated from. Article 72(1) GDPR stipulates that the Board shall take decisions19 KB (1,530 words) - 14:23, 12 October 2023
- establishment of SAs, please refer to Article 51(1) GDPR and Article 52 GDPR in this Commentary. Article 54(1)(b) GDPR echoes Article 53(2) GDPR, which outlines the34 KB (3,649 words) - 13:19, 30 October 2023
- between Article 21(3) GDPR and Article 17 GDPR on the right to erasure must be considered. The tight relationship between Article 21(3) and Article 17(1)(c)49 KB (5,993 words) - 06:22, 16 June 2023
- including the power to adopt binding decisions pursuant to Article 65 GDPR (Article 70(1)(t) GDPR). Article 68 GDPR is the first of nine Articles (Articles 68-7620 KB (1,632 words) - 10:01, 11 October 2023
- Datenschutzrecht, Wolff/Brink DS-GVO Article 64 margin numbers 19-20.1 (35th Edition 1.2.2021). Caspar in Kühling, Buchner, GDPR Article 64, margin number 24 (C.H23 KB (2,079 words) - 16:07, 2 November 2023
- delegation of power as necessitated by Article 290 TFEU, such as its duration (Article 290(1) TFEU), its revocability (Article 290(2)(a) TFEU), and the dependence19 KB (1,525 words) - 08:18, 19 October 2023
- subjects - which would be counterproductive. Article 11 GDPR is meant to address this matter. Under Article 11(1) GDPR, when a processing operation does not20 KB (1,854 words) - 16:32, 8 March 2024
- notify the competent supervisory authority of such a breach. Article 34(1) GDPR differs from Article 33 GDPR. Instead of having to notify the supervisor authority37 KB (3,962 words) - 15:20, 16 June 2023
- Article 61 GDPR (category Article 61 GDPR) (section (1) Exchange of information and mutual assistance)territory of its Member State in accordance with Article 55(1). In that case, the urgent need to act under Article 66(1) shall be presumed to be met and require24 KB (2,181 words) - 11:46, 15 January 2024
- controller is subject, under Article 6(1)(c) GDPR. In line with the general objectives of the GDPR, as outlined in Article 1 GDPR Article 16 TFEU, SAs are also27 KB (2,604 words) - 14:24, 16 January 2024
- Article 70 GDPR (category Article 70 GDPR) (section (1) Tasks to ensure the consistent application of the Regulation)basis of Article 49(1); (k) draw up guidelines for supervisory authorities concerning the application of measures referred to in Article 58(1), (2) and27 KB (3,038 words) - 12:19, 11 October 2023
- act under Article 66(1) shall be presumed to be met and require an opinion or an urgent binding decision from the Board pursuant to Article 66(2). Recital22 KB (1,915 words) - 13:46, 15 January 2024
- Article 14 GDPR (category Article 14 GDPR) (section (1) Information the controller shall provide when personal data has not been obtained from the data subject)additional benefit of Article 14(1)(d) GDPR may be questionable, if one agrees that Article 14(1)(c) (see commentary on Article 13(1)(c) GDPR) already requires47 KB (5,644 words) - 17:49, 5 March 2024
- Overview of GDPR (section Article 8 CFR)processing of personal data (see Article 5(1)(a) GDPR), the need to limit the purpose of such processing (see Article 5(1)(b) GDPR), the requirement to have48 KB (5,978 words) - 15:57, 1 February 2024
- Article 20 GDPR (section (1) Right to data portability)consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1); and (b) the processing is40 KB (5,349 words) - 07:05, 1 June 2023
- Article 47 GDPR (section (1) Binding Corporate Rules)by other DPAs concerned. The BCR Lead the submits, following Article 64(1) GDPR and Article 64(4) GDPR, a draft decision to the EDPB. The EDPB, in turn29 KB (2,823 words) - 15:15, 28 April 2022
- deadline of Article 36(1) GDPR, and it is still disputed whether the outcome of the procedure rather resembles that of Article 58(3)(a) GDPR or Article 58(3)(b)31 KB (3,646 words) - 08:51, 21 July 2023
- under the terms referred to in Article 46(2)(f) GDPR. One substantial difference between Article 42(1) GDPR and Article 42(2) GDPR is that in the former27 KB (2,452 words) - 14:26, 28 July 2023
- under Article 13 should not be too long. Article 12 GDPR may be limited by Union or national Law in accordance with Article 23 GDPR. Article 12(1) GDPR76 KB (11,304 words) - 08:37, 4 March 2024
- Article 41 GDPR (section (1) The monitoring body)This is clear from the wording of Article 41(1) GDPR. Article 41(1) GDPR does not define accreditation. Nonetheless, Article 41(2) GDPR provides a criterion30 KB (2,720 words) - 14:02, 28 July 2023
- use of Article 88(1) GDPR. Therefore, for a comprehensive overview of the term ‘more specific’, please refer to section 2.1 below. Article 88(1) GDPR establishes32 KB (3,228 words) - 13:32, 30 November 2023
- an agreement on joint responsibility as required under Article 26(1) of the GDPR. Article 33(1) GDPR outlines that controllers (as defined above) have54 KB (6,536 words) - 08:22, 16 June 2023
- own motion. Its powers are described under Article 8 of the law "Informatique et Libertés". Under Article R311-1(4) of the French code of administrative justice8 KB (824 words) - 22:52, 27 February 2024
- Protection Act (ZVOP-1) are still valid and in use, which was confirmed also by some late court decisions. These are of course parts of 2007 ZVOP-1 which are not10 KB (1,242 words) - 10:51, 6 February 2024
- Contrary to the general 6 months deadline for any decision under § 73 AVG, § 24(10) DSG exempts the time a foreign lead supervisory authority processed a complaint11 KB (1,468 words) - 13:27, 14 May 2023
- Article 45 GDPR (section (1) Adequacy Decision)do so with the support of the EDPB in accordance with Article 70(1)(b) GDPR. According to Article 45(5) GDPR, the continued monitoring referred to in paragraph43 KB (5,641 words) - 14:58, 28 April 2022
- Of the 1,046 complaints that were resolved from 1. 1. 2018 to 24. 5. 2018 the DPC has only made 12 formal decisions, which is equivalent to 1,1% of the8 KB (1,034 words) - 14:13, 20 August 2021
- DSB (Austria) - 2021-0.586.257 (category Article 4(1) GDPR)basis: Art. 4 (1), (2), (7) and (8), Art. 5, Art. 44, Art. 46 (1) and (2) (c), Art. 51 (1), Art. 57 (1) (d) and (f), Art. 77 (1), Art. 80 (1) and Art. 93108 KB (17,097 words) - 13:52, 12 May 2023
- APD/GBA (Belgium) - 188/2022 (category Article 4(1) GDPR)of Article 5 of the GDPR, Article 24(1) of the GDPR and Article 25(1) paragraph 2 of the GDPR; and 2. a breach of Article 12 paragraph 1 and paragraph 495 KB (14,325 words) - 14:27, 25 January 2023
- defined under Article 2(1)(a) Directive 95/46 where a third party has additional knowledge required to identify a data subject. b) Whether Article 7(1)(f) prevents9 KB (1,113 words) - 13:10, 1 June 2023
- CJEU - C-230/14 - Weltimmo (section Questions 1-6)Member State? Can Article 4(1)(a) of [Directive 95/46], read in conjunction with recitals 18 to 20 of its preamble and Articles 1(2) and 28(1) thereof, be interpreted13 KB (1,888 words) - 13:07, 1 June 2023
- Rb. Rotterdam - C/10/576091/HA RK 19-701 (category Article 15(3) GDPR)numbers C/10/576071 / HA RK 19-693, C/10/576074 / HA RK 19-694, C/10/576079 / HA RK 19-696, C/10/576096 / HA RK 19-703 and C/10/576129 / HA RK 19-708. 1.6. A14 KB (2,154 words) - 16:27, 10 March 2022
- Datatilsynet (Denmark) - 2020-431-0061 (Helsingor decision no. 2) (category Article 5(1)(a) GDPR)regulation's article 5, subsection 2, cf. Article 5, subsection 1, letters c and f, and Article 5, subsection 1, letter a, cf. Article 6, subsection 1, and Article75 KB (11,733 words) - 16:33, 21 August 2022
- CJEU - C-136/17 - GC and Others (category Article 9(1) GDPR)‘offences’ and ‘criminal convictions’ within the meaning of Article 8(5) of Directive 95/46 (and Article 10 GDPR). In addition the court judged that a search engine4 KB (438 words) - 14:23, 11 August 2022
- IMY (Sweden) - DI-2020-11373 (category Article 44 GDPR)million) kroner for violation of Article 44 of the data protection regulation. 1 Description of the supervisory matter 1.1 The processing The Swedish Privacy113 KB (12,773 words) - 15:20, 6 December 2023
- data than those expressly indicated in Article 22(1), with the exception of personal data referred to in Article 10 GDPR. This means that data concerning9 KB (1,215 words) - 16:58, 18 May 2021
- Tietosuojavaltuutetun toimisto (Finland) - 6689/186/20 (category Article 5(1) GDPR)of Personal Data of Volunteers Working with Children (148/2014) 1. Pursuant to Article 10 of Data Protection Regulation (EU) 2016/679, the processing of41 KB (6,555 words) - 08:37, 4 March 2024
- AEPD (Spain) - PS/00240/2019 (category Article 5(1)(b) GDPR)given that Article 6(1), Article 5(1)(a), Article 5(1)(d), Article 5(1)(c), and Article 14 GDPR were infringed in connection to Article 5(1)(b), the AEPD602 KB (102,229 words) - 14:21, 13 December 2023
- Court of Appeal of Brussels - 2019/AR/1600 (category Article 5(1)(c) GDPR)connection with the violation of article/and 5.1. c); 6.1.; 13.1. (c);13.1(e) and13.2(a)AVG: r PAGE 01-00001582885-0002-0033-01- □1-� r L _JCourt of Appeal Brussels60 KB (9,144 words) - 16:17, 22 March 2022
- Datatilsynet (Denmark) - 2020-431-0061 (Helsingor decision no. 3) (category Article 35(1) GDPR)regulation[1] article 5, subsection 2, cf. Article 5, subsection 1, letters c and f, and Article 5, subsection 1, letter a, cf. Article 6, subsection 1, and117 KB (18,075 words) - 10:19, 12 September 2022
- CNIL (France) - SAN-2020-012 (category Article 26(1) GDPR)in the same article 83. 111. Article 83 of the GDPR, as referred to in Article 20, paragraph III, of the Data Protection Act, provides: 1. Each supervisory93 KB (14,936 words) - 17:09, 6 December 2023
- IMY (Sweden) - DI-2020-11397 (category Article 44 GDPR)hundred thousand) for violation of Article 44 of the Data Protection Regulation. 1 Description of the supervisory matter 1.1 The processing The Swedish Privacy121 KB (13,722 words) - 15:16, 5 July 2023
- Rb. Rotterdam - C/10/576074/HA RK 19-694 (category Article 15(3) GDPR)number C/10/576071 / HA RK 19-693, C/10/576079 / HA RK 19-696, C/10/576083 / HA RK 19-697, C/10/576085 / HA RK 19-698, C/10/576091 / HA RK 19-701, C/10/57609415 KB (2,504 words) - 16:27, 10 March 2022
- HDPA (Greece) - 48/2021 (redirect from HDPA (Greece) - 2322/14-10-2021) (category Article 6(1)(f) GDPR)(definition) Article 4.12: Violation of personal data (definition) Article 5.2: Principle of accountability Article 6.1.a: Legal basis of consent Article 6.1.f:8 KB (1,028 words) - 12:49, 24 November 2021
- Datatilsynet (Denmark) - 2020-431-0061 (Helsingor decision no. 1) (category Article 5(1)(c) GDPR)Ordinance Article 5, paragraph Article 5 (2) 1, letter c and letter f., Article 5, paragraph Article 6 (1) (a) Article 32 (1), (1), (33) 1 and 35, para. 1. Below48 KB (7,442 words) - 10:24, 12 September 2022
- Personvernnemnda (Norway) - 2018-14 (15/01355) (category Article 5(1)(a) GDPR)that the Medical List does today, cf. GDPR Article 4, No. 11, Article 6 No. 1 letter a, Article 7 and Article 9 No. 2 letter a If current practice is invalid144 KB (23,058 words) - 18:48, 5 March 2022
- DSB (Austria) - Austrian Postal Service (category Article 6(1)(f) GDPR)data" under Article 9(1) GDPR? The decision of the DSB is not published. So far there are only news reports on the case (see e.g. ORF.at) On 29. 10. 2019 the8 KB (611 words) - 16:12, 6 December 2023
- CJEU - C-154/21 - RW v Österreichische Post (category Article 5(1)(a) GDPR)clarification on the interpretation of Article 15 GDPR. The Supreme Court asked the following preliminary question: 'Is Article 15(1)(c) of the GDPR to be interpreted8 KB (992 words) - 17:03, 4 February 2023
- CJEU - C-40/17 - Fashion ID (category Article 80 GDPR)arguing that it wasn’t a controller within the definition set out under Article 2(d) Directive 95/46 and that NRW did not have legal standing to bring a6 KB (492 words) - 13:09, 1 June 2023
- IMY (Sweden) - DI-2020-11368 (category Article 44 GDPR)may not be based on Article 45. Article 46.1 provides, among other things, that in the absence of a decision in accordance with Article 45.3 a personal data115 KB (12,842 words) - 08:38, 5 July 2023
- IMY (Sweden) - DI-2020-11370 (category Article 44 GDPR)be established on Article 45. Article 46.1 provides, among other things, that in the absence of a decision in accordance with Article 45.3 a personal data131 KB (14,752 words) - 08:36, 5 July 2023
- HDPA (Greece) - 20/2020 (category Article 6(1)(e) GDPR)explanatory statement of the law, Article 10 defines the Authority’s competence in compliance with Article 55 GDPR.Article 55 GDPR provides for a restriction29 KB (4,578 words) - 15:35, 6 December 2023
- CJEU - C-77/21 - Digi (category Article 5(1)(b) GDPR)provides useful clarifications in this regard. 34 Article 5(1)(b), Article 6 ( 1) point a) k and Article 6, paragraph (4), it is clear from the combined49 KB (7,800 words) - 09:22, 5 January 2024
- Personvernnemnda (Norway) - 2021-18 (20/02059) (category Article 5(1)(d) GDPR)categories of information in Article 8 (1) and (5) of Directive 95/46 or in Article 9 (1), Article 10 (1) and Article 10 of Regulation 2016/679, the infringement36 KB (5,859 words) - 06:40, 6 July 2022
- CJEU - C-439/19 - B v. Latvijas Republikas Saeima (category Article 10 GDPR)assessing the scope of Article 96 of the Latvian Constitution, an account must be taken of the GDPR as well as of Article 16 TFEU and Article 8 of the Charter12 KB (1,792 words) - 18:13, 1 February 2023
- BVwG - W211 2210458-1/10 (category Article 2(1) GDPR)according to To 1): € 1.200,00 To 2): € 300,00 To 3): € 300,00 . . . In total: € 1.800 To 1): 3 days To 2): 1 day To 3): 1 day ... In total: 5 days Ad 1): Art.92 KB (15,435 words) - 16:00, 22 March 2022
- HDPA (Greece) - 26/2023 (category Article 15 GDPR)provide for the possibility of bringing such actions of Article 25 of the Code of Civil Procedure1. 1 See, by way of example, the Authority's Decision No 73/201814 KB (2,181 words) - 11:27, 13 September 2023
- Delo, R (On the Application Of) v The Information Commissioner - 2023 EWCA Civ 1141 (category Article 57(1)(f) GDPR)the merits of any complaint: The judges noted the flexible languange of Article 57(1)(f) UK GDPR. The Commissioner must "handle" a complaint. He must "investigate9 KB (1,191 words) - 08:44, 23 January 2024
- AEPD (Spain) - E/10529/2021 (category Article 45 GDPR)e7141c720c53441c2483c; has_js=1; _gid=GA1.2.1837808855.1597415922; _gat=1 Upgrade-Insecure-Requests 1 If-None-Match" 1597405902-1" Cache-Control max-age=0”44 KB (6,642 words) - 10:34, 13 December 2023
- BVwG - W258 2217446-1 (category Article 4(1) GDPR)categories of personal data under Article 9(1) GDPR. Their processing would require the data subjects' explicit consent under Article 9(2)(a) GDPR and § 151(4)79 KB (12,652 words) - 09:41, 10 September 2021
- AEPD (Spain) - EXP202202164 (category Article 5(1) GDPR)II In accordance with article 5.1 of the RGPD, the processing of personal data must be governed by the following principles: "1. The personal data will29 KB (4,482 words) - 14:06, 5 March 2024
- AEPD (Spain) - EXP202105644 (category Article 5(1)(f) GDPR)with the provided for in article 58.2.b) of the RGPD, for the alleged infringement of article 5.1.f) of the RGPD, typified in article 83.5.a) of the RGPD.27 KB (4,121 words) - 15:06, 13 December 2023
- The civil procedure is mainly regulated in the Law 1/2000, of 7 January, on Civil Proceedings (Ley 1/2000, de 7 de enero, de Enjuiciamiento Civil). Spanish15 KB (1,875 words) - 16:18, 13 July 2022
- Rb. Midden-Nederland - UTR- 20 817 en UTR 20 3081 (category Article 77 GDPR)arguments for the following reasons: 1) Article 78(2) GDPR defines the applicable time frame in line with Article 4:13(1) of the Dutch Administrative law.25 KB (3,954 words) - 13:39, 16 November 2020
- HDPA (Greece) - 6/2020 (category Article 17(1) GDPR)data. In particular, it follows from the provisions of Article 57 (1) (f) of the GDPR and Article 13 (1) (g) of Law 4624/2019 that the Authority has the competence29 KB (4,557 words) - 15:33, 6 December 2023
- Datatilsynet (Norway) - 20/01868 (category Article 5(1)(d) GDPR)accordance with Article 16 of the Privacy Ordinance are met. The principle of accuracy in the Privacy Ordinance, Article 5, paragraph 1, letter d, does26 KB (4,150 words) - 16:14, 6 December 2023
- VGH Baden-Württemberg - 1 S 397/19 (category Article 5(1)(d) GDPR)(see, for example, Article 10 of the Introductory Act to the Civil Code in respect of the right to a name and Article 19.1 sentence 1 of the Introductory112 KB (19,310 words) - 08:08, 23 June 2022
- OLG Nürnberg - 8 U 2907/21 (category Article 15(1) GDPR)served on the defendant until January 15, 2021 (Section 204 (1) No. 1 BGB, Section 253 (1) ZPO). Insofar as the district court has determined that the24 KB (3,847 words) - 15:19, 11 September 2022
- BVerfG - 1 BvR 16/13 (category Article 17 GDPR)third-party action (1.). On the complainant's side, his general right of personality (Article 2.1 in conjunction with Article 1.1 of the Basic Law) in133 KB (21,944 words) - 15:59, 22 March 2022
- BVwG - W245 2252208-1/36E and W245 2252221-1/30E (category Article 44 GDPR)Para. 1 and Para. 2, Art. Article 25(1), Article 30(5), Article 32(1) and (2), Article 34(1), Article 35(1) and Article 35(3). or Art. 37 Para. 1 lit. b158 KB (26,392 words) - 08:25, 7 June 2023
- HDPA (Greece) - 18/2020 (category Article 5(1)(a) GDPR)compliance and accountability with the principles of Article 5(1) and par.2 in conjunction with Article 6(1) GDPR. B. imposes on NEW YORK COLLEGE S.A. the effective12 KB (1,733 words) - 15:34, 6 December 2023
- direct offer of services of the Information Society. Without prejudice to Article 8(1) GDPR, for child under the age of fourteen, consent is only valid if provided6 KB (757 words) - 13:53, 16 August 2022
- AEPD (Spain) - PS/00451/2019 (category Article 6(1)(f) GDPR)and application of Article 20.1 c) by the AEPD implies the exclusion of the weighting required by the legitimizing basis of Article 6.1.f) of the RGPD and26 KB (4,231 words) - 14:44, 13 December 2023
- HDPA (Greece) - 3/2022 (category Article 4(7) GDPR)under Article 15(4)(c) and 15(8) of Law No. 4624/19, the national data protection law, in conjunction with Article 58(2) GDPR. According to Article 6 of11 KB (1,492 words) - 13:09, 23 November 2022
- Garante per la protezione dei dati personali (Italy) - 9860529 (category Article 9 GDPR)right to privacy. Health data are sensitive data covered by Article 9 GDPR. According to Article 137 of the Italian Data Protection Code, health data can16 KB (2,354 words) - 15:45, 6 December 2023
- Subparagraph (1)(b) therefore has to be written as #1b! Example: [[Article 6 GDPR#1b|Article 6(1)(b)]] becomes Article 6(1)(b) and links to Article 6, section17 KB (2,510 words) - 13:56, 24 April 2023
- AEPD (Spain) - PS/00188/2019 (category Article 5(1)(f) GDPR)authorities in Article 57.1 of Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter RGPD). Thus, on 10/10/18, 25/10/18 and 15/01/1939 KB (6,623 words) - 14:08, 13 December 2023
- AEPD (Spain) - EXP202205932 (category Article 6(1) GDPR)functions assigned to the control authorities in the article 57.1 and the powers granted in article 58.1 of the Regulation (EU) 2016/679 (General Data Protection32 KB (4,952 words) - 13:11, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9870832 (category Article 5 GDPR)enshrined in Article 5(1)(d). Finally, the DPA also considered that the lack of any mechanism to check the age of the users entailed a violation of Article 8 GDPR14 KB (2,049 words) - 07:46, 1 August 2023
- AEPD (Spain) - EXP202105680 (category Article 9 GDPR)classified as very serious in article 72.1. e) from the LOPDGDD, with 10,000 euros. -article 13 of the GDPR, in accordance with article 83.5 b) of the GDPR, and66 KB (10,558 words) - 13:14, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9524194 (category Article 66(1) GDPR)provision. Pursuant to Article 78 of the Regulation, as well as to Article 152 of the Code and Article 10 of Legislative Decree no. 150 of 1 September 2011, an9 KB (1,280 words) - 15:53, 6 December 2023
- Norges Høyesterett - 2021-2403-A (category Article 5(1)(a) GDPR)However, the other two conditions of Article 6 (1) (f) of the GDPR are not met. (26) The second condition of Article 6 (1) (f) of the GDPR is that the processing46 KB (7,024 words) - 06:18, 6 March 2022
- practice. Recital 1: The protection of natural persons in relation to the processing of personal data is a fundamental right. Article 8(1) of the Charter182 KB (24,065 words) - 13:40, 9 July 2021
- AEPD (Spain) - EXP202201746 (category Article 5(1)(f) GDPR)violation of article 5.1.f) of the GDPR SAW The violation of article 5.1.f) of the RGPD implies the commission of the violations typified in article 83.5 of62 KB (9,703 words) - 13:05, 13 December 2023
- VK Baden-Württemberg - 1 VK 23/22 (category Article 44 GDPR)pursuant to § 57(1)(4) VgV. The Procurement Chamber noted that a procurement is illegal if the company deviates from its initial offer (§ 57(1)(4) VgV). This62 KB (10,113 words) - 12:48, 17 August 2022
- APD/GBA (Belgium) - 81/2020 (category Article 5(1)(c) GDPR)subjects required by Article 12.2. of the GDPR. 8.1.3. As for the breach of the principle of minimization (article 5.1 c) of the GDPR) 8.1.3.1. In view of the127 KB (21,484 words) - 17:01, 12 December 2023
- HDPA (Greece) - 11/2024 (category Article 17(1) GDPR)accordance with the provisions of articles 55 para. 1, 2 para. 1 and 3 para. 2 GDPR and 13 para. 1 item g' Law 4624/2019, the Authority has the authority36 KB (5,761 words) - 17:19, 22 April 2024
- CJEU - T‑200/21 JS v European Data Protection Supervisor (EDPS) (category Article 17 GDPR)the processing of personal data of Article 23(1) of Regulation 2018/1725, the EDPS recalled that, under Article 5(1)(b) of Regulation 2018/1725, processing61 KB (9,971 words) - 14:28, 4 January 2024
- CNPD (Luxembourg) - Délibération n° 20FR/2021 (category Article 38(1) GDPR)violation of articles 38.1, 38.3, 39.1 a) and 39.1 b) of the GDPR; - to issue an injunction against Company A to comply with Article 38.1 of the GDPR, within66 KB (9,458 words) - 19:42, 4 September 2021
- LG Krefeld - 2 O 448/20 (category Article 15(1) GDPR)regarded as an access request under Article 15(1) GDPR. According to Recital 63 GDPR, the right of access under Article 15 GDPR serves data subjects to be17 KB (2,758 words) - 14:10, 15 December 2021
- encouraged by that community pursuant to Article 2(d) of Data Protection Directive 95/46, read in the light of Article 10(1) of the Charter. Share your comments10 KB (1,282 words) - 14:38, 7 June 2023
- LG Berlin - (526 OWi LG) 212 Js-OWi 1/20 (1/20), 526 OWiG LG 1/20 (category Article 83(4) GDPR)violating Article 5(1)(c) and Article 5(1)(e) GDPR. The DPA of Berlin fined Deutsche Wohnen SE for violating Article 5(1)(c) and Article 5(1)(e) GDPR,36 KB (5,810 words) - 13:09, 21 January 2022
- CNIL (France) - SAN-2019-005 (category Article 5(1)(e) GDPR)violates Article 32 GDPR. Retaining personal data of an applicant for a lease after another applicant has been selected also violates Article 5(1)(e) GDPR41 KB (6,558 words) - 17:09, 6 December 2023
- Hoge Raad - 21/00241 (category Article 6(1)(c) GDPR)accordance with the provisions of Article 6(1)(c), Article 6(1)(f) GDPR, or both provisions? 2. Does the answer to Question 1 mean: a) that the person29 KB (4,605 words) - 17:00, 15 December 2021
- APD/GBA (Belgium) - 02/2021 (category Article 6 GDPR)d'un montant de 10.000 € (article 83, paragraphe 2, de l'AVG ; article 100, §1, 13° WOG et article 101 WOG). 129. Compte tenu de l'article 83 AVG et de la96 KB (15,396 words) - 16:50, 12 December 2023
- AEPD (Spain) - EXP202206735 (category Article 6 GDPR)with the powers that article 58.2 of the GDPR grants to each authority of control and as established in articles 47, 48.1, 64.2 and 68.1 of the LOPDGDD, The75 KB (12,421 words) - 13:23, 13 December 2023
- OGH - 6Ob35/21x (category Article 4(1) GDPR)constitute personal data under Article 4(1) GDPR? If so, do they qualify as special categories of personal data under Article 9 GDPR? Is the defendant obliged27 KB (4,090 words) - 09:54, 10 September 2021
- APD/GBA (Belgium) - 149/2023 (category Article 5(1)(a) GDPR)referred to in Article 5(1) LRN, under which the controller did not fall in. Therefore, the controller breached Article 5(1)(a) GDPR and Article 6(1) GDPR, in113 KB (17,325 words) - 08:50, 19 March 2024
- LG Köln - 33 O 376/22 (category Article 6(1)(b) GDPR)application 1.b., from §§ 1, 3 para. 1 no. 1, 4 UKlag in conjunction with §§ 307 para. 1, para. 2 no.1 in conjunction with Art. 5 para. 1 lit. a), Art66 KB (9,990 words) - 12:30, 29 January 2024
- APD/GBA (Belgium) - 21/2022 (category Article 5(1)(f) GDPR) (section Accountability (Article 24 GDPR), data protection by design and by default (Article 25 GDPR), integrity and confidentiality (Article 5(1)(f) GDPR), as well as security of processing (Article 32 GDPR))▪ Articles 5.1.a and 5.2 (principles of fairness, transparency and accountability) ▪ Article 6.1 (lawfulness of processing); ▪ Article 9.1 and 9.2 (processing429 KB (58,279 words) - 09:12, 2 November 2022
- enumerated under Article 3(1) Directive 95/46. The court looked at the term personal data under Article 3(1) Directive 95/46 and Article 2(a) Directive 95/466 KB (580 words) - 13:05, 1 June 2023
- Data Protection in § 1 DSG, the Rights to Privacy and Data Protection in Article 7 and 8 CFR and the Right to Privacy in Article 8 ECHR. Applications can8 KB (721 words) - 09:32, 24 April 2024
- UODO (Poland) - ZSPR.421.2.2019 (category Article 5(1)(f) GDPR)(f), Article 5(2), Article 6(1), Article 7(1), Article 24(1), Article 25(1), Article 32(1)(b), Article 32(1)(c) and Article 32(1)(b), Article 32(1)(c) and71 KB (11,304 words) - 10:01, 17 November 2023
- UODO (Poland) - ZSPU.421.3.2019 (category Article 5(1)(a) GDPR)provided for in Article 5(1)(a), (e) and (f), Article 5(2), Article 24(1) and (2), Article 28(3), Article 30(1)(d) and (f) and Article 32(1) of the General58 KB (9,357 words) - 10:02, 17 November 2023
- APD/GBA (Belgium) - 53/2020 (category Article 5(1)(a) GDPR)comply with section 5.1(b) of the MDR, and for failure to comply with section 5.1(a) of the MDR. and 5.1(b), 6.1, 25.1 and 25.2, 32.1 and 32.4 of the MDR35 KB (5,853 words) - 16:58, 12 December 2023
- Court of Appeal of Brussels - 2022/AR/549 (category Article 17(3)(e) GDPR)Authority (APO below}, what it does on June 17, 2020 » 1• 1 Impugned Decision, Exhibit 36, §§ 1 - 24. 1 PAGE 01-00003026497-0006-0025-02-01-� L_JCourt of Appeal37 KB (5,765 words) - 09:53, 14 December 2023
- CNIL (France) - SAN-2020-009 (category Article 5(1)(a) GDPR)requirements of Article 13 of the Regulation. C. On the breach relating to cookies 69. Article 82 of the Data Protection Act (Article 32.II in a wording48 KB (7,404 words) - 17:09, 6 December 2023
- minor, following Article 5(5) UAVG. In all other situations, the age of consent is 16 years, following Article 5(1) UAVG. Pursuant to Article 43 of the Dutch7 KB (764 words) - 07:50, 6 May 2024
- Datatilsynet (Norway) - 15/01355 (category Article 5(1)(a) GDPR)Supervision: Article 6(1)(f), legitimate interest. For the special category personal data: About diagnosis: Article 6(1)(a), cf. Article 9(2)(a), consent16 KB (2,111 words) - 06:21, 6 March 2022
- decision under Article 3 of the French Data Protection Act, the DPA assessed if TikTok fulfilled two requirements. Under the first one, (1) the provider73 KB (11,864 words) - 17:03, 6 December 2023
- context Article 29 of the Data Protection Act 2019 establishes exceptions in Article 9(1) GDPR, Article 15 GDPR, Article 16 GDPR, Article 18(1)(a) GDPR10 KB (1,037 words) - 14:52, 10 July 2020
- BVwG - W176 2244407-1/18E (category Article 15(4) GDPR)Administrative Court. 3. Legal Assessment 3.1. To dismiss the complaint 3.1.1. In accordance with Art. 15 Para. 1 GDPR, the data subject has the right to request48 KB (7,816 words) - 11:04, 29 July 2022
- OLG Dresden - 4 U 1905/21 (category Article 15(1) GDPR)on April 1, 2017 in the amount of €39.96, 14 Tariff B... increase on April 1, 2020 in the amount of €74.26, 15Tarif T... increase on April 1, 2017 in the40 KB (6,325 words) - 16:12, 18 May 2022
- LAG Hessen - 9 Sa 1431/19 (category Article 15(1) GDPR)the application in accordance with the wording of the provision of Article 15 (1) GDPR. 1. An application for action is sufficiently specific if it describes32 KB (5,093 words) - 16:07, 11 September 2022
- CNPD (Portugal) - Deliberação 2021/533 (category Article 9 GDPR)Data Protection Regulation - GDPR), in conjunction with Article 3, Article 4(2) and Article 6(1)(b), all of which are applicable to the processing of personal30 KB (4,708 words) - 16:56, 6 December 2023
- processing by the defendant can only be Article 6 (1) sentence 1 lit e) DSGVO (see b) or Article 6 (1) sentence 1 lit f) DSGVO (see c), the requirements51 KB (8,215 words) - 09:55, 13 May 2022
- CNIL (France) - SAN-2022-025 (category Article 4(11) GDPR)specified in the same Article 83." 112. Under Article 83 of the GDPR, as referred to in Article 20(III) of the Data Protection Act: "1. Each supervisory authority82 KB (13,463 words) - 17:03, 6 December 2023
- Gerechtshof Amsterdam - 200.248.187/01 (category Article 17 GDPR)within the scope of Article 10 because of the broad interpretation of "personal data of a criminal nature" as is referred to in Article 1 of the Act Implementing5 KB (641 words) - 10:50, 28 February 2022
- APD/GBA (Belgium) - 06/2019 (category Article 5(1)(c) GDPR)conformity with Article 5.1. c), Article 6.1., Article 13.1. c), Article 13.1. c), Article 13.1. e) and Article 13.2. a) of the DGPS pursuant to Article 101 of20 KB (3,137 words) - 16:51, 12 December 2023
- under Article L 521-2 of the Code of Administrative Justice or where it exists serious doubts as the legality of the decision, under Article L 521-1 of the10 KB (1,108 words) - 09:37, 29 September 2021
- APD/GBA (Belgium) - 37/2020 (category Article 17 GDPR)provided for in Article 56(1), read in conjunction with Article 56(2), read in conjunction with Article 56(3), read in conjunction with Article 56(4), read131 KB (22,429 words) - 16:57, 12 December 2023
- HDPA (Greece) - 32/2020 (category Article 5(1) GDPR)pertaining to human dignity (Article 2(1) Greek Constitution) and to the right to freely form one's personality (Article 5(1) Greek Constitution). The HDPA12 KB (1,464 words) - 15:37, 6 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - TSV/26/2020 (category Article 5(1)(e) GDPR)had violated Article 5(1)(e) GDPR and Article 25(2) GDPR. As a result, the DPA issued a reprimand to the controller in accordance with Article 58(2)(b) GDPR77 KB (12,352 words) - 07:20, 23 April 2024
- Garante per la protezione dei dati personali (Italy) - 9852214 (category Article 58(1) GDPR)data, in particular of children was in breach of Article 5, Article 6, Article 8, Article 9, and Article 25 GDPR. Consequently, the DPA urgently imposed36 KB (5,598 words) - 10:15, 8 February 2023
- AEPD (Spain) - PS/00341/2019 (category Article 21 GDPR)against the respondent, for the alleged infringement of Article 5.1.d) of the RGPD, typified in Article 83.5 of the RGPD. SIXTH: On October 28, 19, written26 KB (4,032 words) - 14:31, 13 December 2023
- AEPD (Spain) - PS/00001/2021 (category Article 5(1)(f) GDPR)sanctioned for infraction of the article 5.1.f) and 5.2 of the RGPD, typified in article 83.5.a) of the RGPD and in article 72.1.a) of the LOPDGDD, with an administrative270 KB (43,335 words) - 12:39, 13 December 2023
- GDPR, Article 9 GDPR, Article 10 GDPR, Article 30 GDPR and Article 34 GDPR, as well as the provision of the PDPA governing processing of personal data10 KB (1,440 words) - 08:54, 17 January 2020
- AZOP (Croatia) - Decision 05-10-2023 (category Article 5 GDPR)privacy policies, which is contrary to Article 12 paragraph 1 of the GDPR and, in this regard, to Article 13 paragraphs 1 and 2; 5. For the recording of telephone13 KB (1,934 words) - 20:55, 1 November 2023
- AKI (Estonia) - 12.10.2023 (category Article 44 GDPR)2097 35 lg 1 p 1235(1)12 of the AvTS § 35 lg 1 p 3, AvTS § Notice of termination of Termination of proceedings personal data protection case 1. The factual10 KB (1,381 words) - 10:27, 13 December 2023
- AP (The Netherlands) - 10.12.2019 (category Article 6(1)(a) GDPR)175 investigated are not compliant with the consent requirements under Article 6(1)(a) GDPR when placing cookies. Following its investigation of 175 websites5 KB (648 words) - 17:12, 12 December 2023
- SABAM’s injunction would (1) effectively impose on Netlog a general obligation to monitor, which was prohibited by Article 15(1) of Directive 2000/31 and8 KB (1,082 words) - 13:09, 1 June 2023
- HDPA (Greece) - 37/2020 (category Article 4(7) GDPR)accordance with article 11 par.1 Law 3471/2006, as applicable, the prior consent of the data subject, without prejudice to paragraph 3 of the same article, as applicable14 KB (2,127 words) - 15:37, 6 December 2023
- LG Wiesbaden - 10 O 14/21 (category Article 6(1) GDPR)for infringement of Article 6(1) GDPR. Furthermore, he argued the infringement of Article 26 GDPR (joint responsibility) and Article 44 GDPR (third country8 KB (1,078 words) - 15:36, 14 February 2023
- AZOP (Croatia) - Decision 10-08-2023 (category Article 5 GDPR)Protection Agency, OIB: 28454963989 on the basis of Article 57 paragraph 1 and of Article 58, Paragraphs 1 and 2 of Regulation (EU) 2016/679 of the European Parliament19 KB (2,955 words) - 16:29, 5 December 2023
- HDPA (Greece) - 38/2020 (category Article 4(7) GDPR)accordance with article 11 par.1 Law 3471/2006, as applicable, the prior consent of the data subject, without prejudice to paragraph 3 of the same article, as applicable14 KB (2,070 words) - 15:38, 6 December 2023
- within the meaning of the first paragraph of Article 2 of Directive 2002/58, read in conjunction with Article 2(b) of Directive 95/46. The information therefore5 KB (599 words) - 13:17, 1 June 2023
- CJEU - C-132/21 - Nemzeti Adatvédelmi és Információszabadság Hatóság (category Article 77(1) GDPR)preliminary ruling: ‘(1) Must Articles 77(1) and 79(1) GDPR be interpreted as meaning that the administrative appeal provided for in Article 77 GDPR constitutes9 KB (1,308 words) - 12:54, 28 June 2023
- UODO (Poland) - DKN.5131.6.2020 (category Article 33(1) GDPR)Article 57 (1) (a), Article 58 (2) (e) and (i), Article 83 (1) - (3) and Article 83 (4) (a) in connection with Article 33 (1) and Article 34 (1), (2) and66 KB (10,785 words) - 10:00, 17 November 2023
- CJEU - C‑307/22 - Copies of Medical Records (category Article 15(1) GDPR)subject's right of access is guaranteed by Article 15(1) GDPR. The court used Article 15(4) to read Article 15(3) as conferring a 'right' to the data free10 KB (1,478 words) - 11:17, 2 November 2023
- HDPA (Greece) - 28/2023 (category Article 58(2) GDPR)council in Greece to cease their processing activities, under Article 58(2) GDPR and Article 15(8) of Law 4624/2019, because of an unresolved data breach9 KB (1,211 words) - 20:32, 8 January 2024
- LAG Berlin-Brandenburg - 10 Sa 443/21 (category Article 15 GDPR)following the insufficient compliance with his access request pursuant to Article 15(1) GDPR. The data subject worked as a cook for over 20 years for the controller28 KB (4,527 words) - 15:58, 26 April 2022
- APD/GBA (Belgium) - 10/2019 (category Article 5(1)(b) GDPR)been taken up in Article 5(1)(b) of the GDPR under the Principles relating to the processing of personal data (Chapter II). Article 5(1)(b) of the RGPD32 KB (5,190 words) - 16:51, 12 December 2023
- Datatilsynet (Norway) - 20/02059 (category Article 5(1)(d) GDPR)against Google. The DPA noted that the lawful basis was Article 6(1)(f) GDPR and referred to the Article 29 Group's guidelines WP225 relating to search engine5 KB (532 words) - 06:53, 6 March 2022
- |GDPR_Article_1= |GDPR_Article_Link_1= |GDPR_Article_2= |GDPR_Article_Link_2= |GDPR_Article_3= |GDPR_Article_Link_3= |GDPR_Article_4= |GDPR_Article_Link_4=32 KB (6,006 words) - 16:33, 7 July 2021
- |GDPR_Article_1= |GDPR_Article_Link_1= |GDPR_Article_2= |GDPR_Article_Link_2= |GDPR_Article_3= |GDPR_Article_Link_3= |GDPR_Article_4= |GDPR_Article_Link_4=34 KB (5,924 words) - 18:14, 20 April 2021
- HDPA (Greece) - 56/2021 (category Article 13 GDPR)lawful processing of personal data (Article 5(1) of the GDPR), must, in accordance with Article 12(1) of the GDPR. 1 of the GDPR, must take appropriate54 KB (8,916 words) - 15:22, 22 February 2022
- AEPD (Spain) - PS/00235/2019 (category Article 6(1)(a) GDPR)thousand euros), under¬ Article 6.1 (a) and Article 5.1 (a) of the GDPR, under consideration as ‘very serious’, in¬ Article 71 (1) (a) and (b), respectively24 KB (4,074 words) - 14:21, 13 December 2023
- Directives 2001/29 and 2004/48, and that they therefore have to comply with "Article 15(1) Directive 2000/31, which prohibits national authorities from adopting9 KB (1,123 words) - 09:43, 2 December 2021
- Helsingin hallinto-oikeus (Finland) - H5259/2022 (category Article 6(1)(c) GDPR)6, Subsection 1, Clauses 1, 2 and 7 of the Data Protection Act, Article 9, Clause 1 of the Data Protection Regulation does not apply: 1) information obtained43 KB (6,678 words) - 08:41, 4 March 2024
- Tietosuojavaltuutetun toimisto (Finland) - 8979/162/21 (category Article 6(1) GDPR)the social and health authority of a city to have breached Article 6(1) GDPR and Article 10 GDPR by requesting data subjects to provide it with personal19 KB (2,906 words) - 09:35, 4 March 2024
- IMY (Sweden) - DI-2019-9457 (category Article 32(1) GDPR).......... ..... 10 Postal address: Box 8114 104 20 Stockholm Website: www.imy.se E-mail: imy@imy.se Phone: 08-657 61 00 Page 1 of 10, Integrity Protection43 KB (4,600 words) - 17:08, 23 March 2022
- AEPD (Spain) - PS/00070/2019 (category Article 5(1)(a) GDPR)DPA referred to Article 5(1)(a) (principle of lawfulness, fairness and transparency), Article 12(1), Article 7, Article 13 and Article 14 GDPR, the corresponding422 KB (70,184 words) - 13:56, 13 December 2023
- NAIH (Hungary) - NAIH-1091-10/2022 (NAIH-6936/2021) (category Article 6(1) GDPR)management, - Article 12 (1) of the GDPR, as it did not provide transparent and understandable information, - Article 15 (1) and Article 17 (1) of the GDPR69 KB (11,255 words) - 10:08, 17 November 2023
- Datatilsynet (Norway) - 21/01057 (redirect from Datatilsynet (Norway) - 21/01057-10) (category Article 57(1) GDPR)in Article 6 GDPR. If the information also includes sensitive data specified in Article 9(1) GDPR, there must be a basis for processing in Article 9(2)17 KB (2,399 words) - 16:20, 6 December 2023
- AEPD (Spain) - EXP202201721 (category Article 6(1) GDPR)infringement of article 6.1 of the RGPD, sanctioned in accordance with the provisions of article 83.5.a) of the aforementioned RGPD and article 32.1 of the RGPD79 KB (12,408 words) - 13:24, 13 December 2023
- CJEU - C-205/21 - Ministerstvo na vatreshnite raboti (category Article 9 GDPR)authorities for the purposes set out in Article 1(1) shall not be processed for purposes other than those set out in Article 1(1) unless such processing is authorised110 KB (18,000 words) - 08:01, 5 June 2023
- AEPD (Spain) - EXP202102430 (category Article 32 GDPR)functions assigned to the control authorities in the article 57.1 and the powers granted in article 58.1 of the Regulation (EU) C/ Jorge Juan, 6 www.aepd.es33 KB (4,835 words) - 13:26, 13 December 2023
- BVwG - W211 2222613-2/12E (redirect from BVwG - W211 2222613-2/12E (request for preliminary ruling under Article 267 TFEU)) (category Article 15(3) GDPR)reproduction of the personal data to be provided pursuant to Article 15(1) of the GDPR, Article 15(3) sentence 1 of the GDPR must be interpreted as meaning that, due51 KB (8,592 words) - 07:03, 2 November 2021
- limited by some principles inscribed in paragraphs 1 and 3 of article 3 and paragraph 1 of article 4 of the SIRP Framework Law: (i) the principle constitutionality233 KB (37,080 words) - 20:01, 31 March 2021
- regulation [1] for the data subject's consent in Article 4(11), and the basic principle of legality, reasonableness and transparency in Article 5(1)(a). Furthermore65 KB (9,767 words) - 16:22, 6 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 4359/163/2018 (category Article 5(1)(e) GDPR)the debt collection activities were completed. On the other hand, Section 10 (1) of the Accounting Act requires that certain data relating to accounting15 KB (2,249 words) - 13:05, 3 March 2024
- GHAL - 200.307.462 (category Article 10 GDPR)safeguards' as stated in Article 10 GDPR. Brein appealed this ruling. The Court of appeal held that it had to answer two questions: (1) if there was a legal28 KB (4,573 words) - 10:04, 14 December 2023
- HDPA (Greece) - 31/2023 (category Article 5(1)(c) GDPR)objections to their processing, according to with article 21 par. 1 of the GDPR, which is based on article 6 par. 1 item or GDPR. In his reply dated 24-05-202261 KB (10,257 words) - 10:15, 1 November 2023
- AP (The Netherlands) - 10.12.2020 (locatefamily.com) (category Article 27(1) GDPR)personal data within the meaning of Article 4, opening words and (1) of the AVG. Based on Article 2, paragraph 1 and Article 3, paragraph 2, of the AVG, the38 KB (6,339 words) - 17:14, 12 December 2023
- ensure that paragraph 1 is complied with. SECTION IV INFORMATION TO BE GIVEN TO THE DATA SUBJECT Article 10 Information in cases87 KB (14,773 words) - 09:28, 1 March 2022
- documentation is attached: 1. Communication received by the claimed at the email address <*** EMAIL.1> sent from <*** EMAIL.2> on May 10, 2020. 2. Plain header29 KB (4,536 words) - 14:25, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9256486 (category Article 4 GDPR)accountability (Article 5 (2) and 24 (1), (2) GDPR), privacy by design (Article 25 (1) GDPR) and as controller towards its data processors (Article 28 GDPR).144 KB (23,155 words) - 15:46, 6 December 2023