Search results
From GDPRhub
- IP - 07121-1/2020/1570 (category Article 6(3) GDPR)the Slovenian National Institute of Public Health? The IP held that Article 6(3) GDPR applies in this context. As such the legal basis for processing is9 KB (1,289 words) - 11:06, 13 January 2021
- APD/GBA (Belgium) - 12/2023 (category Article 6(3) GDPR)King under Article 88 of the Belgian Constitution. Lawfulness The DPA examined the existence of a legal basis on the basis of Article 6(1)(e) GDPR, which requires9 KB (1,185 words) - 15:04, 22 February 2023
- IMY (Sweden) - DI-2019-3375 (category Article 6(3) GDPR)no legal basis. This was a breach of Article 5(1) GDPR, Article 6(3) GDPR, Article 9(1) GDPR and Article 9(3) GDPR as well as Swedish health care legislation15 KB (1,735 words) - 08:36, 29 July 2021
- Rb. Amsterdam - 20/1908 (category Article 6(3) GDPR) (section 2. Is Spanish royal decree 1070/2017 a law under the GDPR?)follows from Article 6 (3) of the GDPR that the legal basis for the processing referred to in Article 6 (1), preamble and under c, of the GDPR must be determined21 KB (3,054 words) - 10:07, 10 September 2021
- OLG Frankfurt am Main - 6 U 17 / 19 (category Article 6(3) GDPR)articles 6(2) and 6(3) GDPR allow the Member States to introduce more specific provisions to adapt the application of the rules of Article 6(1)(e) GDPR, the17 KB (2,633 words) - 10:14, 10 September 2021
- Datatilsynet (Norway) - PVN-2022-21 (category Article 6(3) GDPR)under Article 6(1)(e) GDPR, Article 6(3) GDPR, (and the Norwegian Personal Data Act § 8). The Norwegian Privacy Appeals Board noted that under Article 5(1)(b)25 KB (3,868 words) - 15:17, 26 April 2023
- VGH München - 4 ZB 23.1056 (category Article 6(3) GDPR)processing of personal data on the basis of Article 6(1)(e) GDPR, and the requirement of Article 6(3)(b) GDPR was satisfied, too. Also, the VGH held it to26 KB (4,050 words) - 14:05, 31 October 2023
- Datatilsynet (Norway) - 21/00872 (category Article 6(3) GDPR)DPA held that the controller had violated Article 6(1) GDPR and Article 6(3) GDPR, thus also Article 5(1)(a) GDPR, for lack of legal basis for publishing27 KB (4,145 words) - 08:21, 27 June 2022
- VGH München - 12 B 19.1648 (category Article 6(3) GDPR)follows from Article 6(3) of the Basic Regulation that legal obligations in other Member States are not relevant. Furthermore, Article 3(1), first sentence25 KB (3,847 words) - 12:32, 31 January 2022
- APD/GBA (Belgium) - 124/2021 (category Article 6(3) GDPR)including the general conditions on the 10Art. 6, 1, (c) of the GDPR. 11 art. 6, 1, (e) of the GDPR 12Art. 6.3 of the AVG. Decision on the merits 124/202138 KB (5,625 words) - 10:37, 7 December 2021
- Persónuvernd (Island) - 2022081290 (category Article 6(3) GDPR)authority under Article 6(1)(e) GDPR and whether a clear legal obligation prescribing such processing was given as per Article 6(3) GDPR. In this, the DPA31 KB (4,936 words) - 09:53, 10 January 2024
- Datatilsynet (Denmark) - 2023-212-0015 (category Article 6(3) GDPR)the City wished to rely on Articles 6(1)(e) and 9(1)(g) GDPR. Under Article 6(3) GDPR, reliance on Article 6(1)(e) GDPR as a legal basis for processing must56 KB (8,857 words) - 12:38, 29 November 2023
- APDCAT (Catalonia) - IAI 43/2022 (category Article 6(3) GDPR)foreseen in Article 6(3) GDPR and its counterpart of the national law, Article 8 of Ley Orgánica 3/2018. On the other hand, Article 86 of the GDPR foresees34 KB (5,182 words) - 13:13, 14 December 2022
- VGH München - 5 CS 20.1302 (category Article 6(3) GDPR)meaning of Article 4 (1) and (2) GDPR, this would be justified under Article 6 (1)(c) and (3). The court also found that the VIG complies with Article 86 GDPR:29 KB (4,594 words) - 12:48, 15 September 2021
- VG München - M 32 K 20.2879 (category Article 6(3) GDPR)recitals of the GDPR and to Article 86 GDPR which concerns public access to official documents, as well as Article 6(2) GDPR and Article 6(3) GDPR which provides34 KB (5,661 words) - 13:40, 20 September 2021
- VG München - M 3 E 22.667 (category Article 6(3) GDPR)17 (1) (c) GDPR also opens up to provisions of national law via the implicit reference to Art. 6 GDPR; According to Art. 6 Para. 2, 3 GDPR, the national34 KB (5,550 words) - 14:38, 15 June 2022
- Garante per la protezione dei dati personali (Italy) - 9578184 (category Article 6(3) GDPR) (section 3. Principle of data minimisation)to events during the Covid-19 pandemic violates Articles 5, 6(3)(b), 9, 13, 14, 25 and 32 GDPR. On the 22nd of April 2021, the Decree Law (decreto legge)33 KB (5,141 words) - 10:30, 19 May 2021
- VG Osnabrück - 1 B 72/21 (category Article 6(3) GDPR)meaning of Article 6 Paragraph 3 in conjunction with Paragraph 1 Letter c) or Letter e) GDPR, whereby according to Article 85 Paragraph 1, 2 GDPR the protection34 KB (5,527 words) - 13:49, 12 April 2022
- FG Nürnberg - 3 K 596/22 (category Article 6(3) GDPR)legislator used the open clause of Article 6(1)(c) and (e) GDPR, in combination with Article 6(2) and Article 6(3) GDPR, to create a legal basis for the38 KB (6,277 words) - 08:12, 18 May 2023
- Datatilsynet (Norway) - 20/01772 (category Article 6(3) GDPR)Protection Regulation article 6 no. 1 letters c and e, and that the supplementary legal basis according to article 6 no. 3 was Church Act § 3 no. 10 and provisions53 KB (7,945 words) - 10:46, 24 January 2023
- Garante per la protezione dei dati personali (Italy) - 9778996 (category Article 6(3) GDPR)and (1)(e) of Article 6 GDPR. The violation of Article 2-ter of the Code is a direct consequence of the violation of Articles 5 and 6 GDPR. Finally, the49 KB (7,883 words) - 15:12, 13 July 2022
- APD/GBA (Belgium) - 162/2022 (category Article 6(3) GDPR)and (2) GDPR; b. a breach of Article 12(1) and (6) GDPR, Article 13(1) and (2) GDPR and Article 14(1) and (2) GDPR, Article 5(2) GDPR, Article 24(1) GDPR71 KB (10,426 words) - 08:21, 23 November 2022
- VerfGH Saarland - VerfGH Lv 15/20 (category Article 6(3) GDPR)basis of consent, Article 6 (1) (a) GDPR. In particular, Article 6 (1) (c) (legal obligation of the controller and Article 6 (1) (e) GDPR (public interest)66 KB (10,700 words) - 14:15, 20 September 2021
- Datatilsynet (Norway) - 22/03622 (category Article 6(3) GDPR)basis as per Article 6(3) GDPR to process the transaction personal data ("bongdata" in Norwegian) as intended, and based on Article 58(2)(f) GDPR imposed a73 KB (10,929 words) - 08:41, 31 May 2023
- Article 5 GDPR (category GDPR Articles)consent under Article 6(4) GDPR and further processing for a compatible purpose under Article 6(4) GDPR. See the commentary on Article 6(4) GDPR for details51 KB (6,355 words) - 08:25, 18 April 2024
- Garante per la protezione dei dati personali (Italy) - 9789037 (category Article 6(3) GDPR)materia di protezione dei dati personali”; and of Article 6(1)(c), Article 6(1)(e), Article 6(2) and Article 6(3)(b). The Italian DPA did not impose a fine because75 KB (11,970 words) - 15:39, 3 December 2022
- Article 58 GDPR (category GDPR Articles) (section (d) Order to bring processing in compliance with the GDPR)access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction (Article 18 GDPR), notification (Article 19 GDPR) or data46 KB (5,825 words) - 11:12, 7 November 2023
- OVG Bautzen - 3 B 357/20 (category Article 6(3) GDPR)accordance with Article 6(2) GDPR and Article 6(3) GDPR for adaptation to the application of Article 6(1)(c) GDPR and Article 6(1)(e) GDPR. The court stressed111 KB (18,198 words) - 11:22, 27 November 2023
- Article 13 GDPR (category GDPR Articles) (section Automated decision-making ... referred to in Article 22(1) and (4))reliance on Article 6(1)(f) GDPR or at least exercise the right to object under Article 21 GDPR. If the legal basis is Article 6(1)(f) GDPR (i.e. 'legitimate71 KB (9,532 words) - 13:30, 6 March 2024
- safeguards (see Article 32(1)(a) GDPR); Handling of personal data breaches (see Article 34(3)(a) GDPR); Changing purposes of data processing (Article 6(4)(e) GDPR);125 KB (16,328 words) - 16:01, 8 March 2024
- Article 17 GDPR (category GDPR Articles) (section (i) Erasure following objection under Article 21(1))provided for in Article 6(1)(a) GDPR or, as the case may be, Article 9(2)(a) GDPR, and consent is withdrawn according to Article 7(3) GDPR, data must be61 KB (8,488 words) - 15:47, 18 March 2024
- Article 83 GDPR (category GDPR Articles) (section (6) Non-compliance with orders pursuant to Article 58(2) GDPR)flows by the SA pursuant to Article 58(2) GDPR or failure to provide access in violation of Article 58(1) GDPR. Article 83(6) GDPR is a superfluous provision55 KB (7,622 words) - 14:04, 7 November 2023
- categories of data established in Article 9(2)(a) GDPR, Article 9(2)(c) GDPR, Article 9(2)(g) GDPR and Article 9(2)(i) GDPR directly correlate with a specific44 KB (5,905 words) - 14:00, 24 October 2023
- RvS - 201906880/1/A3 (category Article 6(1) GDPR)on Article 6(1)(c) GDPR. In particular, the appellant argued that pursuant to Article 6(3) GDPR, a public interest task under Article 6(1)(c) GDPR must40 KB (6,464 words) - 09:58, 7 July 2021
- are dealt with in Article 12(6) GDPR. It is unclear why Article 12(2) GDPR refers to Articles 15 to 22 GDPR, while Article 11(2) GDPR only refers to Articles76 KB (11,304 words) - 08:37, 4 March 2024
- APD/GBA (Belgium) - 105/2023 (category Article 6(1) GDPR)therefore an infringement of Article 5 at the time of the facts. 1, a) GDPR, Article 6, Article 12.1 GDPR and Article 14.1 a) GDPR. 90. In addition, a controller102 KB (15,787 words) - 07:39, 6 September 2023
- a "filing system" within the meaning of Article 4(6) GDPR. See also Article 2(1) GDPR on the scope of the GDPR when it comes to non-automated filing systems73 KB (9,896 words) - 15:46, 18 March 2024
- Article 32 GDPR (category GDPR Articles) (section (3) Codes of conduct and certification mechanisms)DS-GVO BDSG, Article 32 GDPR, margin number 29 (C.H. Beck 2020, 3rd Edition). Jandt, in Kühling, Buchner, DS-GVO BDSG, Article 32 GDPR, margin number41 KB (5,197 words) - 12:17, 17 April 2024
- between Article 21(3) GDPR and Article 17 GDPR on the right to erasure must be considered. The tight relationship between Article 21(3) and Article 17(1)(c)49 KB (5,993 words) - 06:22, 16 June 2023
- affected since, under Article 28(1) GDPR, a controller shall only use processors providing the same standards under Article 25 GDPR. Manufacturers or producers43 KB (4,675 words) - 06:43, 16 June 2023
- CJEU - C-180/21 - Inspektor v Inspektorata kam Visshia sadeben savet (category Article 6(1)(f) GDPR)with Article 6(3) GDPR, the national law lays down, 1) the basis for such processing and, 2) the purposes of that processing or, as regards Article 6(1)(e)8 KB (1,144 words) - 09:49, 5 January 2024
- APD/GBA (Belgium) - 48/2022 (category Article 6(1)(e) GDPR) (section 2. The legal basis (Articles 6 and 9 GDPR))Moreover, the texts the airport relied upon did not refer, as required by Article 6(3) GDPR, to the purpose of the processing, to the description of the processing7 KB (874 words) - 16:47, 6 April 2022
- the meaning of Article 9 of the GDPR must indeed be based on Article 9.2 of the GDPR, read in conjunction with Article 6.1 of the GDPR. 24 This has been207 KB (31,357 words) - 14:21, 8 June 2022
- under the material part of the GDPR and the controller-processor agreement pursuant to Article 28 GDPR. Article 82(6) GDPR states that claims for damages33 KB (4,215 words) - 09:57, 19 March 2024
- compliance with the GDPR. Article 28(3)(h) GDPR enables such a task in case processors are used. According to Article 28(3)(h) GDPR, the processor should72 KB (9,140 words) - 13:12, 2 June 2023
- Article 60 GDPR (category GDPR Articles) (section (3) Duty of lead supervisory authority (LSA) to communicate the relevant information and submit a draft decision)resolution mechanism under Article 65 GDPR in connection with Article 63 GDPR is triggered (Article 60 (4) GDPR). Article 60(2) GDPR clarifies that also in35 KB (4,017 words) - 16:04, 18 March 2024
- Regulation (GDPR), Article 7 GDPR, p. 350 (Oxford University Press 2020). Heckmann, Paschke, in Ehmann, Selmayr, Datenschutz-Grundverordnung, Article 7 GDPR, margin31 KB (3,489 words) - 16:00, 8 March 2024
- Article 24 GDPR (category Article 24 GDPR) (section Shall implement appropriate technical and organisational measures to ensure GDPR compliance)(e.g. Article 25 (1) and (2), Article 28(1), Article 32(1) GDPR, Article 89(1) GDPR). These measures can also be regarded as measures under Article 24(1)30 KB (3,458 words) - 10:31, 25 April 2024
- freedoms of individuals", as stated in Article 35(1) and further elucidated in Article 35(3) and Article 35(4) GDPR. The WP29 developed a list of criteria52 KB (7,297 words) - 08:05, 18 July 2023
- with Article 13, Article 14 GDPR gives expression to the principle of transparency enshrined in Article 5(1)(a) GDPR and further defined in Article 12 GDPR47 KB (5,644 words) - 17:49, 5 March 2024