Search results
From GDPRhub
- ANSPDCP (Romania) - Fine against Telekom Romania Communications (category Article 58(2)(d) GDPR)according to Article 58(2)(d). Share blogs or news articles here! The decision below is a machine translation of the Romanian original. Please refer to the4 KB (456 words) - 15:18, 13 December 2023
- ANSPDCP (Romania) - Fine against Proleasing Motors SRL (category Article 58(2)(d) GDPR)Romanian DPA (ANSPDCP) fined leasing company €15,000 for violation of Article 32(1) and (2) GDPR after investigating a data breach reported by the company, where6 KB (732 words) - 15:17, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 6609/163/19 (category Article 58(2)(d) GDPR)enshrined in Article 5(1)(c) GDPR. The Finish DPA further ordered the controller to bring its processing activities into compliance under Article 58(2)(d) GDPR13 KB (1,873 words) - 13:06, 3 March 2024
- Tietosuojavaltuutetun toimisto (Finland) - 3425/157/2019, 3578/157/2019, 3846/157/2019, 3871/157/2019, 3891/152/2019, 3918/157/2019, 4338/157/2019, 4666/154/2019, 5973/157/2019, 6773/157/2019 ja 7022/157/2019 (category Article 58(2)(d) GDPR)subjects had not suffered any financial harm. Furthermore, as per Article 58(2)(c) and (d) GDPR, the DPA ordered the controller to comply with the data subjects’4 KB (359 words) - 13:03, 3 March 2024
- Tietosuojavaltuutetun toimisto (Finland) - 1011/161/22 (category Article 58(2)(d) GDPR)reprimand to the controller in accordance with Article 58(2)(b) GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA also ordered the controller to erase the15 KB (2,137 words) - 20:18, 27 March 2024
- Tietosuojavaltuutetun toimisto (Finland) - 8205/154/18 (category Article 58(2)(d) GDPR)processing operations in line with the provisions of the GDPR in accordance with Article 58 (2) (d). Share blogs or news articles here! The decision below12 KB (1,810 words) - 13:07, 3 March 2024
- BAC (Bulgaria) - 2606/2021 (category Article 58(2)(d) GDPR)CPDP issued NRA an order under Article 58(2)(d) supra Article 57(1)(a) and Article 83(2)(a), (c), (d), (f) and (g) of the GDPR for undertaking suitable technical13 KB (1,761 words) - 09:58, 14 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 128/182/19 (category Article 58(2)(d) GDPR)considered appropriate in accordance with Article 31(1)(b) GDPR and Article 32(2) GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA ordered the controller to identify17 KB (2,339 words) - 13:39, 12 January 2024
- Tietosuojavaltuutetun toimisto (Finland) - 6629/163/21 (category Article 58(2)(d) GDPR)reprimand to the controller in accordance with Article 58(2)(b) GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA also ordered the controller to bring its21 KB (3,204 words) - 13:37, 12 January 2024
- Tietosuojavaltuutetun toimisto (Finland) - 9885/157/19 (category Article 58(2)(d) GDPR)subject's rights, such as the right to object according to Article 21 GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA ordered the controller to ensure that data21 KB (3,097 words) - 13:40, 12 January 2024
- DPC (Ireland) - Inquiry into Airbnb Ireland UC - 28 September 2023 (category Article 58(2)(d) GDPR)infringements of Article 5(1)(c), Article 5(1)(e) and Article 6(1)(f) the DPC issued a reprimand to Airbnb pursuant to Article 58(2)(b) of the GDPR. In addition17 KB (2,411 words) - 09:25, 27 November 2023
- Tietosuojavaltuutetun toimisto (Finland) - TSV/29/2020 (category Article 58(2)(d) GDPR)violated Article 5(1)(c) GDPR, Article 25(2) GDPR and Section 29(4) of the Finnish Data Protection Act. As a result, and in accordance with Article 58(2)(d)25 KB (3,651 words) - 09:37, 3 April 2024
- AEPD (Spain) - PS/00322/2020 (category Article 58(2)(d) GDPR)the GDPR, pursuant to Articles 58(2)(b) and (d) respectively. For the violation of Article 5(1)(f), it issued a fine of €10000, pursuant to Article 58(2)(i)26 KB (3,840 words) - 14:28, 13 December 2023
- NAIH (Hungary) - NAIH/2020/2000/5 (category Article 58(2)(d) GDPR)by the above Registry, (1) and (2) and Article 13.II.The Authority instructs the Obliged Pursuant to Article 58 (2) (d) of the General Data Protection24 KB (3,815 words) - 10:11, 17 November 2023
- Datatilsynet (Denmark) - 2020-431-0061 (Helsingor decision no. 4) (category Article 58(2)(d) GDPR)notified in accordance with the data protection regulation, article 58, subsection 2, letter d. Failure to comply with an order can - unless a higher penalty25 KB (3,660 words) - 08:42, 14 September 2022
- Tietosuojavaltuutetun toimisto (Finland) - TSV/224/2023 (category Article 58(2)(d) GDPR)violated Article 5(1)(c) GDPR, Article 5(1)(e) GDPR, Article 12(2) GDPR, Article 12(6) GDPR and Article 25(2) GDPR. In accordance with Article 58(2)(c) GDPR31 KB (4,693 words) - 11:50, 6 March 2024
- AKI (Estonia) - 2.1.-1/22/1396 (category Article 58(2)(d) GDPR)RESOLUTION Article 56 (1) and (2) point 8, § 58 (1) of the Personal Data Protection Act (hereafter IKS) and Article 58 (1) point d and (2) points d, e and34 KB (5,305 words) - 08:40, 29 June 2023
- Tietosuojavaltuutetun toimisto (Finland) - 8040/163/2019 (category Article 58(2)(d) GDPR)Art 4 (11) GDPR. In accordance with Art 58(2)(d), the Finnish DPA instructs the controller to align its process to obtain consent with the GDPR provisions29 KB (4,610 words) - 13:07, 3 March 2024
- Datatilsynet (Norway) - 21/02873 (category Article 12(2) GDPR)In an Article 60 GDPR procedure, the Norwegian DPA ordered an HR-services provider, pursuant to Article 58(2)(d) GDPR, to provide the data subject with13 KB (1,583 words) - 16:20, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9509515 (category Article 58(2)(d) GDPR)minimisation, pursuant to Article 58(2)(d). The Garante also fined the company €20000 for its breach of Articles 5(1)(a) and (c) GDPR. In determining the amount33 KB (5,342 words) - 15:52, 6 December 2023
- AEPD (Spain) - EXP202105669 (category Article 58(2)(d) GDPR)regulated in article 32 of the GDPR, which regulates the security of the treatment. IV. Article 5.1.f) of the GDPR Article 5.1.f) of the GDPR establishes45 KB (6,998 words) - 12:58, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9446730 (category Article 58(2)(d) GDPR)circumstances of the specific case (art. 58, par. 2, letter i) Regulation). 4. Order for an injunction. Pursuant to art. 58(2)(i) of the Regulation and art. 166(3)34 KB (5,420 words) - 15:51, 6 December 2023
- DSB (Austria) - D130.206/0006-DSB/2019 (category Article 58(2)(d) GDPR)in line with Article 13 GDPR. On the DSB's request, the controller declared R*** Hotels GmbH as its representative under Article 27 GDPR and sent a reply40 KB (6,007 words) - 13:59, 12 May 2023
- AEPD (Spain) - PS/00029/2020 (category Article 58(2)(d) GDPR)under Article 58(2)(b) GDPR. The Authority ordered the Health Service to carry out a DPIA and bring its processing operations in line with the GDPR within44 KB (6,943 words) - 13:49, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 4431/161/21 (category Article 58(2)(d) GDPR)to the controller in accordance with Article 58(2)(b) GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA also ordered the controller to comply with the principles54 KB (8,279 words) - 13:53, 21 March 2024
- Personvernnemnda (Norway) - 2022-13 (21/00481) (category Article 58(2)(d) GDPR)controller) about €352,555 (NOK 4,000,000) for violating Article 5(1)(f) GDPR, Article 24 GDPR and Article 32 GDPR after a serious ransomware attack led to highly45 KB (6,913 words) - 12:13, 15 March 2023
- Tietosuojavaltuutetun toimisto (Finland) - 4282/161/21 (category Article 58(2)(d) GDPR)controller had violated Article 5(1)(f) GDPR, Article 17(1) GDPR, Article 25(1) GDPR, Article 32(1) GDPR and Article 32(2) GDPR. As a result, the DPA issued56 KB (8,980 words) - 08:47, 4 March 2024
- Tietosuojavaltuutetun toimisto (Finland) - 3831/161/21 (category Article 58(2)(d) GDPR)reprimand to the controller in accordance with Article 58(2)(b) GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA also ordered the controller to define61 KB (9,477 words) - 13:38, 12 January 2024
- AEPD (Spain) - PS/00201/2019 (category Article 58(2)(d) GDPR)The AEPD then issued the MCP with a warning under Article 83(5)(b) and pursuant to Article 58(2)(d) ordered the MCP to adapt its information provision54 KB (9,019 words) - 14:10, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9435807 (category Article 58(2)(d) GDPR)constituted a violation of Articles 123(2) and 132-ter of the Italian Privacy Code. Applying Articles 58(2)(d) and (2)(i), the Garante ordered Iliad to adapt58 KB (9,448 words) - 15:50, 6 December 2023
- AEPD (Spain) - PS/00025/2019 (category Article 58(2)(d) GDPR)third parties (article 83.2.k, of the RGPD in relationwith article 76.2.b, of the LOPDGDD)SAWIn accordance with articles 58.2 and 83.2 of the RGPD, previously88 KB (14,301 words) - 13:48, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 3021/452/2017 (category Article 58(2) GDPR) (section Application of Articles 12 and 15 GDPR to call records)(2016/679) Article 5 (1) (a), Article 12 (1), (2) and (6) , Article 13, Article 15 (1) (h), (3) and (4), Article 58 (2) (c) and (d) subparagraphs Article 34 (1)41 KB (6,220 words) - 09:48, 17 November 2023
- HDPA (Greece) - 44/2019 (category Article 58(2)(d) GDPR)internal compliance and accountability according to Article 5(1) GDPR, Article 5(2) GDPR and Article 6(1) GDPR. Since the company had totally ignored the its127 KB (21,184 words) - 15:39, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9435753 (category Article 58(2)(d) GDPR)Company itself, pursuant to Article 58, paragraph 2, letter i), of the Regulation, Article 166, paragraph 7, of the Code and Article 18 of Law no. 689/1981129 KB (21,020 words) - 15:49, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9570997 (category Article 58(2)(d) GDPR)reasons the Italian DPA, with the power conferred by Article 58(2)(d) and (f) and Article 83(3) and (5) GDPR, imposed to Fastweb multiple corrective measures131 KB (21,014 words) - 15:55, 6 December 2023
- Persónuvernd (Island) - 2022020363 (category Article 58(2)(d) GDPR)administrative fine in the amount of 2,000,000 ISK on the controller under Article 83(2)(a) GDPR and Article 83(2)(g) GDPR. This is just one of five decisions142 KB (22,881 words) - 12:42, 16 January 2024
- AEPD (Spain) - EXP202211775 (category Article 6(1) GDPR)homeowner’s association. The DPA fined the controller $300 under Article 58(2)(d) GDPR and ordered that the cameras be removed or reoriented so that they2 KB (174 words) - 12:40, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 3846/157/2019 (category Article 17 GDPR)with Article 58 section 2 C, the DPA ordered the controller to delete the data subject’s data in accordance with Article 17 GDPR. Pursuant to Article 58(2)(d)4 KB (424 words) - 13:05, 3 March 2024
- ANSPDCP (Romania) - 24.04.2023 (category Article 12(3) GDPR)violated Article 12(3) and Article 21 GDPR by not respecting the data subject's objection. Based on its powers pursuant to Article 58(2)(i) GDPR, the DPA6 KB (707 words) - 15:15, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9518890 (category Article 5(1)(a) GDPR)context of employment as per Article 88 GDPR. For these reasons, the Garante: - With the power conferred by Article 58(2)(i) GDPR, imposed a fine of €20,0004 KB (460 words) - 15:53, 6 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 1198/161/2022 (category Article 9(2)(a) GDPR)within the meaning of Article 4(15) GDPR and Article 9(1) GDPR. Processing of sensitive data requires a legal basis under Article 9(2) GDPR. In the present case13 KB (1,847 words) - 15:52, 11 December 2023
- IDPC (Malta) - EDPBI:MT:OSS:D:2022:341 (category Article 58(2)(d) GDPR)access request (Article 15 GDPR). Therefore, the controller violated Article 12(2) GDPR. The DPA reprimanded the controller (Article 58(2)(b) GDPR) and ordered8 KB (958 words) - 13:00, 9 November 2022
- AZOP (Croatia) - Decision 04-07-2022 (category Article 58(1) GDPR)space. The DPA found a violation of Article 6(1) GDPR and ordered the controller, pursuant to Article 58(2)(d) GDPR, to adjust the location of the cameras14 KB (2,038 words) - 15:20, 30 October 2023
- ANSPDCP (Romania) - Fine against LORIS FUEL SHOP SRL (category Article 58(2)(d) GDPR)instruction to ensure compliance with the GDPR, the ANSPDCP did not explicitly refer to Article 58(2)(d) GDPR but it can be assumed that the instruction5 KB (572 words) - 14:37, 18 May 2022
- ANSPDCP (Romania) - 31.01.2024 (category Article 58(2)(d) GDPR)investigation, in accordance with Article 58(2)(d) GDPR, the DPA also imposed on the controller the corrective measure to provide and communicate all the7 KB (830 words) - 16:14, 14 February 2024
- ANSPDCP (Romania) - Compania Națională Poșta Română SA (category Article 58(2)(d) GDPR)provisions of Article 32(1)(b) GDPR and Article 32(2) GDPR. The DPA fined the processor €2,000 for this data breach. Under the Article 58(2)(d) GDPR it was decided8 KB (948 words) - 16:44, 15 November 2022
- DPC - Tusla Child and Family Agency (category Article 58(2)(d) GDPR)compliance with Article 32(1) and issued reprimands in respect of the infringements, pursuant to Articles 58(2)(b), (d), and (i) GDPR respectively. Procedure6 KB (761 words) - 21:06, 24 February 2021
- AEPD (Spain) - PS-00563-2022 (category Article 58(2)(d) GDPR)that a fine of €2,000 be set for the infringement of Article 13 GDPR as defined in Article 83(5) GDPR. Pursuant to Article 58(2)(d) GDPR the Spanish DPA8 KB (1,017 words) - 09:54, 18 January 2024
- ANSPDCP (Romania) - Asociația de Proprietari Aviației Park (category Article 58(2)(d) GDPR)which the data are processed. At the same time, pursuant to art. 58 para. (2) lit. d) from the RGPD, the following corrective measures were ordered against9 KB (1,206 words) - 13:59, 4 September 2022
- CNIL (France) - 2c1s196162814 (category Article 58(2)(d) GDPR)personal data. The DPA also issued a formal notice pursuant of Article 58(2)(d) GDPR and Article 20.II of the French Data Protection Act to limit the retention13 KB (1,877 words) - 12:06, 4 January 2023