Search results
From GDPRhub
- Article 6 GDPR (category GDPR Articles) (section Tension with Article 5 and 12 GDPR in case of routine reliance on Article 6(4) GDPR)possible "legitimate interest" under Article 6(1)(f) GDPR. Equally to Article 6(1)(c) GDPR, Article 6(2) and (3) GDPR require that Union or Member State108 KB (17,005 words) - 15:39, 18 March 2024
- CJEU - C-175/20 - SIA ‘SS’ (Opinion of AG Bobek) (category Article 6(3) GDPR)specialized website. AG Bobek is also of the opinion that Article 6(1)(c) GDPR and Article 6(3) GDPR do not preclude national rules from laying down, without8 KB (1,081 words) - 13:13, 1 June 2023
- CJEU - C-184/20 - Vyriausioji Tarnybinės Etikos Komisija (category Article 6(3) GDPR)Articles 6(1)(c) and (e), 6(3) and 9(1) GDPR. The preliminary questions concern the issue whether the existence of a legal obligation – Article 6(1)(c) GDPR6 KB (522 words) - 13:15, 1 June 2023
- CJEU - C-268/21 - Norra Stockholm Bygg (category Article 6(3) GDPR)proportionality of the measure under Article 6(4) GDPR, in accordance with the objectives referred to in Article 23(1) GDPR. It recalled that these objectives9 KB (1,372 words) - 10:12, 7 June 2023
- Garante per la protezione dei dati personali (Italy) - 9283014 (category Article 6(3) GDPR)their health status, without appropriate legal grounds, as required by art. 6 GDPR and art 2-ter and 2-septies of the Italian Privacy Code, and going against6 KB (437 words) - 15:47, 6 December 2023
- Datatilsynet (Denmark) - 2019-431-0045 (category Article 6(3) GDPR)instruction, under Article 28(1) GDPR. Thus, it has not been decided on whether or not MaCom could process information in accordance with Article 6(3)(a), (1)(a)14 KB (2,119 words) - 16:36, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9445324 (category Article 6(3) GDPR)par. 1, letter a) and c); 6, par. 1, letter c) and e), par. 2 and par. 3, letter b) and Article 2-ter, paragraphs 1 and 3, caused by the conduct of the19 KB (2,989 words) - 15:51, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9440000 (category Article 6(3) GDPR)Articles 6(1)(c) or 6(1)(e). Therefore, the DPA issued a sanction of €2000 against the Municipality for violating Articles 6(1)(c), (e), 6(2), and 6(3)(b).24 KB (3,852 words) - 15:50, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9446659 (category Article 6(3) GDPR)with a legal obligation to which the controller is subject, under Article 6 (1) (c) GDPR. In this case, the compliants' personal data remained published25 KB (3,911 words) - 15:51, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9451734 (category Article 6(3) GDPR)to be heard by the Authority, within 30 days (Article 166, paragraphs 6 and 7, of the Code, and Article 18, paragraph 1, by Law No. 689 of 24/11/1981)24 KB (3,697 words) - 15:52, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9440075 (category Article 6(3) GDPR)with art. 5 and 6 of the GDPR? The DPA held that Regione Campania violated art 5(1)(a)(c), art. 6(1)(c)(e), art. 6(2) and art. 6(3)(b) GDPR, and concluded27 KB (4,339 words) - 15:50, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9361186 (category Article 6(3) GDPR)Municipality lawful in accordance with Articles 5(1)(c), 6(1)(c), (e), 6(2), and 6(3)(b) GDPR? The DPA held that the disclosure of the personal data by31 KB (5,041 words) - 15:49, 6 December 2023
- VGH München – 5 CS 19.2087 (category Article 6(3) GDPR)Art. 6 para. 1 sentence 1 lit. c, para. 3 sentence 1, Art. 86 GKG § 47 (1), § 52 (2), § 53 (2) no. 2, § 63 (3) sentence 1 no. 2, § 66 (3) sentence 3, § 6840 KB (6,397 words) - 08:03, 21 March 2022
- Datatilsynet (Norway) - 20/01949 (category Article 6(3) GDPR)the processing, together with the Privacy Ordinance Article 6 No. 1 letter c or e, cf. Article 6 No. 3, as of Arendal municipality is stated as a basis for49 KB (7,572 words) - 16:14, 6 December 2023
- DVI (Latvia) - SIA “Lursoft IT” (category Article 6(3) GDPR)legal basis for processing the data under Article 6(1)(c) GDPR. The Latvian DPA also held that Article 6(1)(e) GDPR could not be relied upon as a legal basis90 KB (14,351 words) - 16:10, 6 December 2023
- APD/GBA (Belgium) - 55/2021 (category Article 6(3) GDPR)the present case. Under Article 6.3.b) andof recital 45 of the GDPR, processing based on Article 6.1.e) must fulfill twoconditions:- The data controller81 KB (13,211 words) - 16:59, 12 December 2023
- Court of Appeal of Brussels - 2022/AR/556 (category Article 6(3) GDPR)reasons, article 780, 3° of the Judicial Code, article 149 of the Constitution and article 6 of the ECHR - the pleas not explicitly stated. 17.3.3. The Procurement83 KB (13,694 words) - 09:53, 14 December 2023
- APD/GBA (Belgium) - 24/2021 (category Article 6 GDPR)the basis of article 6.1 e) GDPR read together with articles 5.2 GDPR and 24.1 GDPR. 3) Violation of Articles 12.1, 12.6, 13.1 and 13.2 GDPR: the Inspection110 KB (18,238 words) - 16:56, 12 December 2023
- Hoge Raad - 21/00241 (category Article 6(1)(c) GDPR)legal obligation within the meaning of Article 6(1)(c) GDPR. The second and third question Since Article 6(1)(f) GDPR is the legal basis for the controller's29 KB (4,605 words) - 17:00, 15 December 2021
- CNIL (France) - SAN-2023-076 (category Article 14 GDPR)communications under Article 14 GDPR were not legally necessary, as in the present case, Article 23 GDPR restrictions were applicable. Article 23 GDPR establishes36 KB (5,524 words) - 17:01, 6 December 2023
- IP - 07121-1/2020/1570 (category Article 6(3) GDPR)the Slovenian National Institute of Public Health? The IP held that Article 6(3) GDPR applies in this context. As such the legal basis for processing is9 KB (1,289 words) - 11:06, 13 January 2021
- APD/GBA (Belgium) - 12/2023 (category Article 6(3) GDPR)King under Article 88 of the Belgian Constitution. Lawfulness The DPA examined the existence of a legal basis on the basis of Article 6(1)(e) GDPR, which requires9 KB (1,185 words) - 15:04, 22 February 2023
- IMY (Sweden) - DI-2019-3375 (category Article 6(3) GDPR)no legal basis. This was a breach of Article 5(1) GDPR, Article 6(3) GDPR, Article 9(1) GDPR and Article 9(3) GDPR as well as Swedish health care legislation15 KB (1,735 words) - 08:36, 29 July 2021
- Rb. Amsterdam - 20/1908 (category Article 6(3) GDPR) (section 2. Is Spanish royal decree 1070/2017 a law under the GDPR?)follows from Article 6 (3) of the GDPR that the legal basis for the processing referred to in Article 6 (1), preamble and under c, of the GDPR must be determined21 KB (3,054 words) - 10:07, 10 September 2021
- OLG Frankfurt am Main - 6 U 17 / 19 (category Article 6(3) GDPR)articles 6(2) and 6(3) GDPR allow the Member States to introduce more specific provisions to adapt the application of the rules of Article 6(1)(e) GDPR, the17 KB (2,633 words) - 10:14, 10 September 2021
- Datatilsynet (Norway) - PVN-2022-21 (category Article 6(3) GDPR)under Article 6(1)(e) GDPR, Article 6(3) GDPR, (and the Norwegian Personal Data Act § 8). The Norwegian Privacy Appeals Board noted that under Article 5(1)(b)25 KB (3,868 words) - 15:17, 26 April 2023
- VGH München - 4 ZB 23.1056 (category Article 6(3) GDPR)processing of personal data on the basis of Article 6(1)(e) GDPR, and the requirement of Article 6(3)(b) GDPR was satisfied, too. Also, the VGH held it to26 KB (4,050 words) - 14:05, 31 October 2023
- Datatilsynet (Norway) - 21/00872 (category Article 6(3) GDPR)DPA held that the controller had violated Article 6(1) GDPR and Article 6(3) GDPR, thus also Article 5(1)(a) GDPR, for lack of legal basis for publishing27 KB (4,145 words) - 08:21, 27 June 2022
- VGH München - 12 B 19.1648 (category Article 6(3) GDPR)follows from Article 6(3) of the Basic Regulation that legal obligations in other Member States are not relevant. Furthermore, Article 3(1), first sentence25 KB (3,847 words) - 12:32, 31 January 2022
- APD/GBA (Belgium) - 124/2021 (category Article 6(3) GDPR)including the general conditions on the 10Art. 6, 1, (c) of the GDPR. 11 art. 6, 1, (e) of the GDPR 12Art. 6.3 of the AVG. Decision on the merits 124/202138 KB (5,625 words) - 10:37, 7 December 2021
- Persónuvernd (Island) - 2022081290 (category Article 6(3) GDPR)authority under Article 6(1)(e) GDPR and whether a clear legal obligation prescribing such processing was given as per Article 6(3) GDPR. In this, the DPA31 KB (4,936 words) - 09:53, 10 January 2024
- Datatilsynet (Denmark) - 2023-212-0015 (category Article 6(3) GDPR)the City wished to rely on Articles 6(1)(e) and 9(1)(g) GDPR. Under Article 6(3) GDPR, reliance on Article 6(1)(e) GDPR as a legal basis for processing must56 KB (8,857 words) - 12:38, 29 November 2023
- APDCAT (Catalonia) - IAI 43/2022 (category Article 6(3) GDPR)foreseen in Article 6(3) GDPR and its counterpart of the national law, Article 8 of Ley Orgánica 3/2018. On the other hand, Article 86 of the GDPR foresees34 KB (5,182 words) - 13:13, 14 December 2022
- VGH München - 5 CS 20.1302 (category Article 6(3) GDPR)meaning of Article 4 (1) and (2) GDPR, this would be justified under Article 6 (1)(c) and (3). The court also found that the VIG complies with Article 86 GDPR:29 KB (4,594 words) - 12:48, 15 September 2021
- VG München - M 32 K 20.2879 (category Article 6(3) GDPR)recitals of the GDPR and to Article 86 GDPR which concerns public access to official documents, as well as Article 6(2) GDPR and Article 6(3) GDPR which provides34 KB (5,661 words) - 13:40, 20 September 2021
- VG München - M 3 E 22.667 (category Article 6(3) GDPR)17 (1) (c) GDPR also opens up to provisions of national law via the implicit reference to Art. 6 GDPR; According to Art. 6 Para. 2, 3 GDPR, the national34 KB (5,550 words) - 14:38, 15 June 2022
- Garante per la protezione dei dati personali (Italy) - 9578184 (category Article 6(3) GDPR) (section 3. Principle of data minimisation)to events during the Covid-19 pandemic violates Articles 5, 6(3)(b), 9, 13, 14, 25 and 32 GDPR. On the 22nd of April 2021, the Decree Law (decreto legge)33 KB (5,141 words) - 10:30, 19 May 2021
- VG Osnabrück - 1 B 72/21 (category Article 6(3) GDPR)meaning of Article 6 Paragraph 3 in conjunction with Paragraph 1 Letter c) or Letter e) GDPR, whereby according to Article 85 Paragraph 1, 2 GDPR the protection34 KB (5,527 words) - 13:49, 12 April 2022
- FG Nürnberg - 3 K 596/22 (category Article 6(3) GDPR)legislator used the open clause of Article 6(1)(c) and (e) GDPR, in combination with Article 6(2) and Article 6(3) GDPR, to create a legal basis for the38 KB (6,277 words) - 08:12, 18 May 2023
- Datatilsynet (Norway) - 20/01772 (category Article 6(3) GDPR)Protection Regulation article 6 no. 1 letters c and e, and that the supplementary legal basis according to article 6 no. 3 was Church Act § 3 no. 10 and provisions53 KB (7,945 words) - 10:46, 24 January 2023
- Garante per la protezione dei dati personali (Italy) - 9778996 (category Article 6(3) GDPR)and (1)(e) of Article 6 GDPR. The violation of Article 2-ter of the Code is a direct consequence of the violation of Articles 5 and 6 GDPR. Finally, the49 KB (7,883 words) - 15:12, 13 July 2022
- APD/GBA (Belgium) - 162/2022 (category Article 6(3) GDPR)and (2) GDPR; b. a breach of Article 12(1) and (6) GDPR, Article 13(1) and (2) GDPR and Article 14(1) and (2) GDPR, Article 5(2) GDPR, Article 24(1) GDPR71 KB (10,426 words) - 08:21, 23 November 2022
- VerfGH Saarland - VerfGH Lv 15/20 (category Article 6(3) GDPR)basis of consent, Article 6 (1) (a) GDPR. In particular, Article 6 (1) (c) (legal obligation of the controller and Article 6 (1) (e) GDPR (public interest)66 KB (10,700 words) - 14:15, 20 September 2021
- Datatilsynet (Norway) - 22/03622 (category Article 6(3) GDPR)basis as per Article 6(3) GDPR to process the transaction personal data ("bongdata" in Norwegian) as intended, and based on Article 58(2)(f) GDPR imposed a73 KB (10,929 words) - 08:41, 31 May 2023
- Article 5 GDPR (category GDPR Articles)consent under Article 6(4) GDPR and further processing for a compatible purpose under Article 6(4) GDPR. See the commentary on Article 6(4) GDPR for details51 KB (6,355 words) - 08:25, 18 April 2024
- Garante per la protezione dei dati personali (Italy) - 9789037 (category Article 6(3) GDPR)materia di protezione dei dati personali”; and of Article 6(1)(c), Article 6(1)(e), Article 6(2) and Article 6(3)(b). The Italian DPA did not impose a fine because75 KB (11,970 words) - 15:39, 3 December 2022
- Article 58 GDPR (category GDPR Articles) (section (d) Order to bring processing in compliance with the GDPR)access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction (Article 18 GDPR), notification (Article 19 GDPR) or data46 KB (5,825 words) - 11:12, 7 November 2023
- OVG Bautzen - 3 B 357/20 (category Article 6(3) GDPR)accordance with Article 6(2) GDPR and Article 6(3) GDPR for adaptation to the application of Article 6(1)(c) GDPR and Article 6(1)(e) GDPR. The court stressed111 KB (18,198 words) - 11:22, 27 November 2023
- Article 13 GDPR (category GDPR Articles) (section Automated decision-making ... referred to in Article 22(1) and (4))reliance on Article 6(1)(f) GDPR or at least exercise the right to object under Article 21 GDPR. If the legal basis is Article 6(1)(f) GDPR (i.e. 'legitimate71 KB (9,532 words) - 13:30, 6 March 2024
- safeguards (see Article 32(1)(a) GDPR); Handling of personal data breaches (see Article 34(3)(a) GDPR); Changing purposes of data processing (Article 6(4)(e) GDPR);125 KB (16,328 words) - 16:01, 8 March 2024