Search results
From GDPRhub
- IP - 07120-1/2020/25 (category Article 4(5) GDPR)officially consolidated text, hereinafter ZVOP-1), and 2 Article 43 of the Information Commissioner Act (Official Gazette RS, No. 113/05, hereinafter ZInfP)24 KB (3,577 words) - 15:31, 14 April 2021
- required in principle (see hereunder Article 65(2) GDPR) to adopt a decision under Article 65 GDPR is reached, since Article 64 GDPR only requires a simple majority33 KB (4,185 words) - 16:09, 2 November 2023
- Article 45 GDPR (section Article 45 and Schrems II)paragraph 2 of this Article. The implementing act shall be adopted in accordance with the examination procedure referred to in Article 93(2). 4. The Commission43 KB (5,641 words) - 14:58, 28 April 2022
- actual processing. If the information under Articles 13 or 14 GDPR and Article 15 GDPR would be the same information, Article 15(1) GDPR would be largely73 KB (9,896 words) - 15:46, 18 March 2024
- exemption is based on Article 85(2) GDPR. According to Article 26(3) of the 2018 Act, certain GDPR provisions (listed in Article 26(9)) will not apply14 KB (2,011 words) - 15:42, 25 November 2020
- Tietosuojavaltuutetun toimisto (Finland) - 4680/182/18 (category Article 9 GDPR)Regulation Article 5 paragraph 1 subparagraph a Article 7 Article 9 Data Protection Act Section 6 subsection 1 paragraph 1 Insurance Contract Act Section49 KB (7,496 words) - 14:44, 24 January 2024
- Tietosuojavaltuutetun toimisto (Finland) - 3216/452/17 (category Article 5(1)(a) GDPR)of the information gathered, the DPA held that the controller had violated Article 5(1)(a) GDPR, Article 5(1)(c) GDPR, Article 9 GDPR and Article 25(2)60 KB (9,117 words) - 14:46, 24 January 2024
- Tietosuojavaltuutetun toimisto (Finland) - 8493/161/21 (category Article 5(1)(a) GDPR)that the controller had violated Article 5(1)(a) GDPR, Article 12 GDPR, Article 13 GDPR, Article 15 GDPR and Article 25(1) GDPR. As a result, the DPA issued52 KB (7,936 words) - 22:32, 2 March 2024
- Tietosuojavaltuutetun toimisto (Finland) - TSV/26/2020 (category Article 5(1)(e) GDPR)data. On the basis of the information gathered, the DPA held that the controller had violated Article 5(1)(e) GDPR and Article 25(2) GDPR. As a result,77 KB (12,352 words) - 07:20, 23 April 2024
- Tietosuojavaltuutetun toimisto (Finland) - 7285/183/18 (category Article 5(1)(a) GDPR)data on behalf of the data subject under Article 15 GDPR; and 3) Article 6(1)(1) of the Finnish Data Protection Act (Tietosuojalaki) which allows insurance73 KB (11,237 words) - 05:34, 21 July 2022
- CNIL (France) - SAN-2019-005 (category Article 5(1)(e) GDPR)very letter of the provisions of III of Article 45 of the Act of January 6, 1978 as amended, resulting from Act no. 2018-493 of June 20, 2018 aimed at bringing41 KB (6,558 words) - 17:09, 6 December 2023
- the grounds that the conduct of the Commissioner violated the right to be heard. The court referred to Article 43(1),(2) Law N. 158 (I)/1999, which is22 KB (3,496 words) - 12:08, 17 February 2022
- CJEU - C‑634/21 - SCHUFA (category Article 22(1) GDPR)preparatory act and only the act adopted by the third party can, where appropriate, be classified as a ‘decision’ within the meaning of Article 22(1) of that6 KB (783 words) - 16:05, 12 December 2023
- Commissioner (Cyprus) - 17.05.23 (category Commissioner (Cyprus))before before the issuance of the annulled act. 3.1.2 Article 47 of the General Principles of Administrative Law Act 1999 (158(I)/1999), provides that: 4 4731 KB (4,973 words) - 16:50, 6 December 2023
- Commissioner (Cyprus) - 11.17.001.010.045 (category Commissioner (Cyprus))that the article’s publication was in violation of Article 5(1)(c) GDPR, Article 6(1)(f) GDPR, when read in line with Article 85 GDPR. Article 5(1)(c) outlines74 KB (12,375 words) - 10:07, 4 October 2023
- Tietosuojavaltuutetun toimisto (Finland) - 6689/186/20 (category Article 5(1) GDPR)verification of the information provided to the authority. Naturally, information about an individual from the police is not retained, and information obtained during41 KB (6,555 words) - 08:37, 4 March 2024
- CNIL (France) - SAN-2020-014 (category Article 9 GDPR)breach of article 33 of the Rules. III.On corrective measures and publicity 39. Under the terms of III of article 20 of the Data Protection Act: When the26 KB (4,050 words) - 17:10, 6 December 2023
- ICO - Monetary Penalty on Ticketmaster UK Limited (category Article 4(2) GDPR)"GDPR"), which came to the attention of the Information Commissioner ("the Commissioner"). 1.2 The Commissioner considers that Ticketmaster was the controller130 KB (21,195 words) - 13:52, 25 April 2021
- Commissioner (Cyprus) - 11.17.001.010.201 (category Commissioner (Cyprus))basis of the information presented by the controller, the Cyprus Commissioner considered that the legal basis should be consent, under Article 6(1)(a) GDPR23 KB (3,737 words) - 10:30, 7 June 2023
- CNIL (France) - SAN-2020-012 (category Article 4(7) GDPR) (section The lack of information to users)the requirements set in Article 82 of the Data Protection Act is set out in Article 3, paragraph I, of the Data Protection Act which provides: without93 KB (14,936 words) - 17:09, 6 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 4282/161/21 (category Article 5(1)(f) GDPR)of the information gathered, the DPA held that the controller had violated Article 5(1)(f) GDPR, Article 17(1) GDPR, Article 25(1) GDPR, Article 32(1) GDPR56 KB (8,980 words) - 08:47, 4 March 2024
- IP - 7121-1/2020/369 (category Article 6 GDPR)2020/369 Subject matter: Information for the individual, Legal bases, Consent, Education Legal act: Opinion The Information Commissioner (hereinafter: IP) has10 KB (1,406 words) - 15:25, 17 March 2022
- LA 104/19, ECLI:DE:OVGNI:2020:0722.11LA104.19.00 Article 1 (1) GG, Article 2 (1) GG, § 7aF DSG ND, § 43 VwGO Proceedings VG Osnabrück, 30 January 2019,25 KB (3,723 words) - 11:50, 10 September 2021
- Tietosuojavaltuutetun toimisto (Finland) - 310/161/23 (category Article 83(6) GDPR)credit information register are widely released for various purposes. Pursuant to Section 19 of the Credit Information Act, payment default information can71 KB (11,552 words) - 13:40, 12 January 2024
- Tietosuojavaltuutetun toimisto (Finland) - 4431/161/21 (category Article 5(1)(a) GDPR)(violated article: Article 25) and those in accordance with Article 83(5) of the General Data Protection Regulation ( Article violated: Article 5) to the54 KB (8,279 words) - 13:53, 21 March 2024
- Korkein hallinto-oikeus (Finland) - KHO:2024:34 (category Article 17(1) GDPR)Regulation) Article 1, paragraph 2, Article 5, Article 6, paragraph 1, subparagraph f, Article 17(1)(a), (c) and (d), Article 17(3)(a), Article 21(1) Judgments60 KB (9,713 words) - 13:07, 26 March 2024
- CNIL (France) - SAN-2020-009 (category Article 5(1)(a) GDPR) (section On the lack of accessibility to information on processing of personal data)people to read complete information by means of a link to this information. This was a violation of Article 12. Based on Article 13(2)(a) GDPR and WP2948 KB (7,404 words) - 17:09, 6 December 2023
- ICO (UK) - Enforcement Notice and Warning Letter - Home Office (category Article 5(2) GDPR)details. Enforcement Notice issued by the Information Commissioner concerning contraventions of Article 5(2) and Article 35 UK GDPR by the Home Office ENFORCEMENT129 KB (17,281 words) - 14:57, 10 April 2024
- CNPD (Luxembourg) - Délibération n° 20FR/2021 (category Article 38(1) GDPR)decision have been taken by the controlled. 43. In view of the above, the restricted panel concludes that Article 38.3 of the GDPR does not have been respected66 KB (9,458 words) - 19:42, 4 September 2021
- BAG - 9 AZR 383/19 (category Article 38(3) GDPR)complained, the then X AG, said the Thuringian state commissioner for data protection and freedom of information with reference to Section 4f Paragraph 2 BDSG40 KB (6,019 words) - 14:13, 28 November 2023
- CNIL (France) - SAN-2019-001 (category Article 4(11) GDPR)January 1978 relating to information technology, files and liberties (hereafter referred to as the Data Protection Act or the Act of 6 January 1978) and90 KB (14,556 words) - 17:08, 6 December 2023
- BVerfG - 1 BvR 16/13 (category Article 17 GDPR)not completely determined by it. This already follows from Article 1.3, Article 20.3 and Article 93.1 No. 4a of the Basic Law. According to these, the commitment133 KB (21,944 words) - 15:59, 22 March 2022
- AEPD (Spain) - PS/00379/2019 (category Article 6 GDPR)company of the information and electronic commerce (hereinafter referred to as the ISESA), as provided for in 43.1 of the said Act. Article 85 of Law 39/201526 KB (4,235 words) - 14:33, 13 December 2023
- entitled to erasure under Article 17(1)(d) GDPR, as the data processing was not lawful. In any case, the requirements of Article 6 GDPR were no longer met51 KB (8,215 words) - 09:55, 13 May 2022
- LG Essen - 6 O 190/21 (category Article 33 GDPR)provide, beyond the mere information about the data loss itself, that the information and measures mentioned in Article 33(1)(b) to Article 33(1)(d) GDPR must28 KB (4,596 words) - 18:30, 18 November 2021
- on the users device. Article 82 of the French Data Protection Act The DPA explained that Article 82 of the French Data Protection Act required the provider73 KB (11,864 words) - 17:03, 6 December 2023
- VG Mainz - 1 K 584/19.MZ (category Article 9(1) GDPR)protection law and further orders of the State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate - LfDI - requiring him58 KB (9,665 words) - 08:51, 25 November 2020
- exclude information from your response to a SAR merely because it is difficult to access. The Act deals with the situation where supplying information in permanent89 KB (14,909 words) - 08:39, 22 February 2022
- the Spanish Act transposing the e-Privacy Directive? The AEPD held that there had been an infringement of Article 22(2) of the Information Society Services19 KB (2,841 words) - 14:02, 13 December 2023
- CNIL (France) - SAN-2021-003 (category Article 4(1) GDPR) (section On the violation of French Data Protection Act, implementing Directive (EU) 2016/680)applicable law 33. The first paragraph of Article 87 of the Data Protection Act, Article I of Title III of the Act provides: this Title shall apply without39 KB (6,015 words) - 17:11, 6 December 2023
- ICO (UK) - Unite the Union (category Article 43 GDPR)given informed valid consent to receive such calls. The Information Commissioner (“Commissioner”) was tasked with determining whether the conduct of Unite12 KB (1,395 words) - 21:47, 3 April 2022
- Datatilsynet (Denmark) - 2019-31-1424 (category Article 15 GDPR)Personal information is defined as any kind of information about an identified or identifiable natural person. Thus, there is no doubt that information about33 KB (5,189 words) - 16:23, 6 December 2023
- CNIL (France) - SAN-2022-025 (category Article 4(11) GDPR)Did the provider violate Article 82 of the Data Protection Act? The DPA explained that Article 82 of the Data Protection Act required the provider to ask82 KB (13,463 words) - 17:03, 6 December 2023
- CNPD (Luxembourg) - Délibération n° 47FR/2021 (category Article 5(1)(c) GDPR)second level of information information, i.e. the information note available on the website, contains all the information required under Article 13 of the GDPR69 KB (11,315 words) - 13:30, 19 January 2022
- ICO - FS50777458 (category Article 4(1) GDPR)freedoms. The commissioner therefore considers that there is an Article 6 basis for processing (in this case article 6(1)(f). Moreover, the Commissioner specifies6 KB (725 words) - 16:13, 7 March 2022
- APD/GBA (Belgium) - 21/2022 (category Article 5(1)(f) GDPR) (section Accountability (Article 24 GDPR), data protection by design and by default (Article 25 GDPR), integrity and confidentiality (Article 5(1)(f) GDPR), as well as security of processing (Article 32 GDPR))pursuant to Article 17(2) DPA Act. 9. Moreover, as regards the one-stop-shop mechanism, Article 56 GDPR states: "Without prejudice to Article 55, the supervisory429 KB (58,279 words) - 09:12, 2 November 2022
- APD/GBA (Belgium) - 37/2020 (category Article 17 GDPR)provided for in Article 56(1), read in conjunction with Article 56(2), read in conjunction with Article 56(3), read in conjunction with Article 56(4), read131 KB (22,429 words) - 16:57, 12 December 2023
- BVerfG - 1 BvR 276/17 (category Article 17 GDPR)the Federal Commissioner for Data Protection and Freedom of Information, the Hamburg Commissioner for Data Protection and Freedom of Information as well as127 KB (21,367 words) - 16:00, 22 March 2022
- CNIL (France) - SAN-2022-022 (category Article 12(3) GDPR)requests were requests for information according to Article 15(1) GDPR. The ‘Business secrecy’ exception only applied to Article 15(4) GDPR, where a data59 KB (9,623 words) - 17:03, 6 December 2023
- Commissioner (Cyprus) - 1.17.001.007.270 (category Commissioner (Cyprus))the Commissioner required information from AAEA with respect to the processing of X's personal data. AAEA however did not reply to the Commissioner. The64 KB (10,097 words) - 08:07, 27 October 2021
- CNIL (France) - SAN-2023-025 (category Article 6(1)(a) GDPR)of the data subjects, therefore breaching Article 6 GDPR, as well as Article 5(1)(b) GDPR. Thirdly, Article 30 GDPR stipulates that the controller must53 KB (8,418 words) - 11:21, 6 February 2024
- original for more details. 1 DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY NOTICE To: Virgin Media Limited32 KB (5,066 words) - 09:04, 14 February 2022
- ICO (UK) - Tempcover Ltd (category Article 4(11) GDPR)English original for more details. DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY NOTICE To: Tempcover Ltd Of:40 KB (5,684 words) - 18:42, 16 February 2022
- Commissioner (Cyprus) - 11.17.001.008.229 (category Commissioner (Cyprus))a violation of Article 5(2) GPDR since the controller failed to demonstrate compliance with Article 5(1) GDPR and a violation of Article 44 GDPR since the56 KB (8,616 words) - 15:31, 6 March 2024
- English original for more details. DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY NOTICE To: SportsDirect.com Retail39 KB (5,404 words) - 11:56, 21 September 2021
- ICO (UK) - Royal Mail Group Limited (category Article 4(11) GDPR)English original for more details. DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY NOTICE To: Royal Mail Group Limited41 KB (5,879 words) - 12:39, 23 March 2022
- the fine, the criteria specified in the same article 83. " Article 83 of the GDPR, as referred to in Article 20, paragraph III, of the "Informatique et Libertés"82 KB (13,428 words) - 17:02, 6 December 2023
- CNIL (France) - SAN-2021-020 (category Article 28(3) GDPR) (section On the failure to comply with Article 28 GDPR)February 27, 2020, in accordance with Article 56 of the GDPR, all the European supervisory authorities of its competence to act as lead supervisory authority and56 KB (9,069 words) - 17:02, 6 December 2023
- CNIL (France) - SAN-2022-011 (category Article 12 GDPR)has reinforced its second level of information by recording a message containing all the information required by article 14 of the GDPR, accessible from this48 KB (7,525 words) - 17:02, 6 December 2023
- ICO (UK) - Tuckers Solicitors LLP (category Article 5(1)(f) GDPR)details. • ICO. Information Commissioner's Office DATA PROTECTION ACT 2018 (PART 6, SECTION 155) SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY87 KB (10,588 words) - 14:32, 16 March 2022
- CNIL (France) - SAN-2024-002 (category Article 5(1)(e) GDPR)requests it. ". 26. Article D. 213-1 of the same code provides that "[t]he amount mentioned in article L. 213-1 is set at 120 euros" and article D. 213-2 provides56 KB (8,757 words) - 14:12, 28 February 2024
- ICO (UK) - LTH Holdings Limited (category Article 4(11) GDPR)more details. • ICO. Information Commissioner's Office DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENAL TY NOTICE54 KB (6,922 words) - 11:45, 16 June 2021
- CNPD (Luxembourg) - Délibération n° 18/FR/2022 (category Article 5(1)(b) GDPR)the article 15.1. a), b), c) and d) of the GDPR […] information was missing in the note information on the following points: Point b) of Article 15.176 KB (11,147 words) - 16:58, 6 December 2023
- Commissioner (Cyprus) - 11.17.001.009.048 (category Commissioner (Cyprus))personal data under Article 9 GDPR, which can only be lawful if one of the exceptions of Article 9(2) GDPR apply. With respect to Article 9(2)(h) GDPR, the44 KB (7,042 words) - 13:53, 31 January 2024
- IP - 07121-1/2020/195 (category Article 35 GDPR)Slovenia and the Information Commissioner (Article 19). On the basis of the information you have provided, hereinafter referred to as Article 58 of Regulation9 KB (839 words) - 14:07, 24 February 2022
- ICO (UK) - AMEX (category Article 4(11) GDPR)more details. • ICO. Information Commissioner's Office DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENAL TY NOTICE72 KB (8,623 words) - 10:38, 26 May 2021
- ICO (UK) - The Money Hive Limited (category Article 4(11) GDPR)more details. • ICO. Information Commissioner's Office DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY NOTICE63 KB (8,280 words) - 14:53, 2 March 2022
- Therefore, pursuant to Article 27(3) of the Act, in conjunction with Article 27(1)(2) of the Act, and applying Article 52(3) of the Act, the offender shall12 KB (1,883 words) - 08:17, 16 May 2023
- ICO (UK) - Colour Car Sales Limited (category Article 4(11) GDPR)more details. • ICO. Information Commissioner's Office DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER ENFORCEMENT NOTICE To:22 KB (2,764 words) - 16:07, 19 September 2021
- IP - 07121-1/2020/199 (category Article 6(1)(e) GDPR)officially consolidated text, hereinafter ZVOP-1), and 2 Article 43 of the Information Commissioner Act (Official Gazette RS, No. 113/05, hereinafter ZInfP)15 KB (1,752 words) - 14:07, 24 February 2022
- English original for more details. DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY NOTICE To: Papa John’s (GB) Limited31 KB (4,210 words) - 15:26, 20 June 2023
- CNIL (France) - SAN-2021-023 (category Article 56 GDPR)ePrivacy Directive. Article 5(3) of that directive was transposed into domestic law through Article 82 of the French Data Protection Act. The CNIL therefore120 KB (19,650 words) - 09:00, 6 April 2022
- IP - 0712-1/2019/2504 (category Article 5(1)(c) GDPR)paragraph of Article 49 of the Personal Data Protection Act (Official Gazette RS, No. 94/07-UPB1, hereinafter: ZVOP-1), and 2 Article 43 of the Information Commissioner8 KB (1,114 words) - 14:44, 17 March 2022
- Commissioner (Cyprus) - 11.17.001.008.147 (category Commissioner (Cyprus))specific act or series of processing acts, it is required that impact assessment and prior consultation with the Commissioner.' 14. Pursuant to Article 58(2)53 KB (8,451 words) - 22:10, 28 February 2024
- CNPD (Portugal) - Deliberação 2022/1072 (category Article 9(1) GDPR)punished by the combined provisions of article 44, paragraph 2 of article 46 and paragraph c) of paragraph 5 of article 83, both of the RGPD, with a fine of163 KB (27,222 words) - 16:54, 6 December 2023
- First-tier Tribunal - 2023 UKFTT 778 GRC (category Article 5(1)(a) GDPR)matter to the Information Commissioner (the Commissioner and/or the Respondent) by section 50 FOIA. On the 7th November 2022 the Commissioner issued the28 KB (4,450 words) - 15:12, 20 October 2023
- Tietosuojavaltuutetun toimisto (Finland) - 3116/163/20 (category Article 5(1) GDPR)Protection Act (1050/2018). Article 5 of the TSA stipulates the principles regarding the processing of personal data. According to Article 5, paragraph22 KB (3,314 words) - 12:58, 8 February 2023
- IP - 07121-1/2020/428 (category Article 6 GDPR)officially consolidated text, hereinafter ZVOP-1), and 2 Article 43 of the Information Commissioner Act (Official Gazette RS, No. 113/05, hereinafter ZInfP)9 KB (1,211 words) - 11:57, 24 March 2022
- ICO - FS50834927 (category Article 4(1) GDPR)ICO's capacity under the Freedom of Information Act. Is the information personal data within the meaning of Article 4(1) GDPR? Does a disclosure of personal24 KB (3,788 words) - 16:22, 7 March 2022
- ICO (UK) - Emailmovers Limited (category Article 4(7) GDPR)more details. THE DATA PROTECTION ACT 2018 (PART 6, SECTION 149) ENFORCEMENT POWERS OF THE INFORMATION COMMISSIONER ENFORCEMENT NOTICE To: Emailmovers29 KB (4,150 words) - 12:48, 3 August 2021
- ICO (UK) - Brazier Consulting Services Ltd (category Article 4(11) GDPR)more details. • ICO. Information Commissioner's Office DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENAL TY NOTICE43 KB (5,548 words) - 10:45, 28 July 2021
- CNIL (France) - SAN-2022-020 (category Article 3(2)(a) GDPR)the obligation to provide information (Article 13 GDPR) The DPA stated that at the time of the investigation, the information regarding data retention periods59 KB (9,566 words) - 17:03, 6 December 2023
- more details. • ICO. Information Commissioner's Office DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENAL TY NOTICE42 KB (5,271 words) - 13:44, 23 June 2021
- ICO - Monetary Penalty on Marriott International Inc. (category Article 5(1)(f) GDPR)to a breach of Article 5 or Article 32. The obligation under Article 5 GDPR i to ensure appropriate security; the obligation under Article 32 i to implement241 KB (31,368 words) - 09:59, 9 May 2022
- ICO (UK) - We Buy Any Car Limited (category Article 4(11) GDPR)English original for more details. DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY NOTICE To: We Buy Any Car Limited41 KB (5,743 words) - 11:44, 21 September 2021
- VG Berlin - 1 K 391/20 (category Article 91(1) GDPR)right to informational self-determination from Article 2(1) in conjunction with Article 1(1) GG, the negative freedom of belief from Article 4(1) GG and36 KB (5,768 words) - 14:17, 18 May 2022
- VG Regensburg - RN 9 K 19.1061 (category Article 2 GDPR)Fundamental Rights (Article 8 (1) in conjunction with Article 8 (3) CFR) is protected by Article 77 (1) GDPR in conjunction with Article 77 (1) CFR. Art.94 KB (15,537 words) - 09:09, 25 August 2020
- IP (Slovenia) - 0609-20/2024/6 (category Article 6(1)(a) GDPR)and 8 of the Information Commissioner Act (Official Gazette of the Republic of Slovenia, no. 113/07 – ZUstS-A, hereinafter : ZInfP) and Article 95 of the14 KB (2,075 words) - 14:30, 30 April 2024
- APD/GBA (Belgium) - 61/2020 (category Article 5(1)(d) GDPR)order to avoid anyto remove any ambiguity in this regard.43. Article 5, §1 of the National Register Act stipulates that the Minister of the Interior is competentis41 KB (6,354 words) - 16:59, 12 December 2023
- original for more details. Information Commissioner's Office DATA PROTECTION ACT 1998 SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY NOTICE41 KB (6,563 words) - 15:07, 14 July 2021
- ICO (UK) - Mermaids (category Article 5(1)(f) GDPR)details. ICO. Information Commissioner'sOffice DATA PROTECTION ACT 2018 (PART 6, SECTION 155) SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY58 KB (7,695 words) - 09:00, 28 July 2021
- IP - 07121-1/2020/527 (category Article 58(3) GDPR)paragraph of Article 49 of the Personal Data Protection Act (Official Gazette RS, No. 94/07-UPB1, hereinafter ZVOP-1 ) and Article 2 of the Information Commissioner10 KB (1,467 words) - 15:22, 17 March 2022
- CNIL (France) - SAN-2020-003 (category Article 5(1)(c) GDPR)of Article 5-1 c) of the GDPR is established for these facts. B. On the breach of the obligation to limit the retention period of data 43. Article 5-161 KB (10,028 words) - 17:09, 6 December 2023
- ICO (UK) - The Central Young Men’s Christian Association (category Article 5(1)(f) GDPR)for more details. DATA PROTECTION ACT 2018 (PART 6, SECTION 155) SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY NOTICE TO: The Central54 KB (7,579 words) - 16:44, 7 May 2024
- Tietosuojavaltuutetun toimisto (Finland) - 9707/152/19 (category Article 12(3) GDPR)access information provided for in Article 15 of the Data Protection Regulation. 2. The initiator has submitted a request in accordance with Article 15 of46 KB (7,186 words) - 14:12, 18 October 2023
- IP - 07121-1/2020/390 (category Article 6(1)(c) GDPR)paragraph of Article 49 of the Personal Data Protection Act (Official Gazette RS, No. 94/07-UPB1, hereinafter ZVOP-1), and 2 Article 43 of the Information Commissioner8 KB (1,260 words) - 14:29, 24 February 2022
- IP - 07121-1/2020/638 (category Article 6(1)(c) GDPR)officially consolidated text, hereinafter ZVOP-1), and 2 Article 43 of the Information Commissioner Act (Official Gazette RS, No. 113/05, hereinafter ZInfP)21 KB (3,055 words) - 15:23, 17 March 2022
- AEPD (Spain) - EXP202208091 (category Article 5(1)(f) GDPR)claimed party, for the alleged violation of Article 5.1.f) of the GDPR and Article 32 of the GDPR, typified in Article 83.5 of the GDPR. FIFTH: Notified of the40 KB (6,014 words) - 13:24, 13 December 2023
- ICO (UK) - Monetary Penalty Notice to Easylife Limited (category Article 5(1)(a) GDPR)• I C O . Information Commissioner's Office DATA PROTECTION ACT 2018 (PART 6, SECTION 155) SUPERVISORY POWERS OF THE INFORMATION COMMISSIONER MONETARY PENALTY77 KB (9,347 words) - 07:39, 13 October 2022
- CNIL (France) - SAN-2020-013 (category Article 6 GDPR) (section On the information of the user regarding cookies)requirements provided for in Article 82 of the Data Protection Act is set out in Article 3, paragraph I, of the Data Protection Act, which provides as follows82 KB (13,424 words) - 17:10, 6 December 2023
- VG Hannover - 10 A 502/19 (category Article 5(1)(a) GDPR)this The right to informational self-determination of the respective purchaser from Article 2, Paragraph 1 in conjunction with Article 1, Paragraph 1 of41 KB (6,779 words) - 12:35, 24 November 2021
- CNIL (France) - SAN-2020-008 (category Article 5(1)(e) GDPR) (section On the several questionable practices regarding the right to information)a violation of Article 12 GDPR ? Are the following practices an infringement on data subjects' information right as described in Article 12 GDPR ? Spreading104 KB (16,646 words) - 17:09, 6 December 2023
- CNIL (France) - SAN-2020-056 (category Article 5(1)(d) GDPR)to the French act n° 78-17 of 6 January 1978, modified, on information technology, data files and civil liberties, in particular its article 6-III; Having43 KB (6,847 words) - 17:11, 6 December 2023
- ICO (UK) - Cabinet Office (category Article 5(1)(f) GDPR)Denham Information Commissioner Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire SK9 SAF 39 ICO. Information Commissioner's Office79 KB (10,566 words) - 10:48, 7 December 2021
- Tietosuojavaltuutetun toimisto (Finland) - 8492/163/20 (category Article 5(1)(d) GDPR)stores information related to the employment relationship, such as employee names and contact information, employment contract status information, qualification149 KB (24,224 words) - 12:20, 2 January 2023
- EFTA Court - Joined Cases E-11/19 and E-12/19 (category Article 57(3) GDPR)have been disclosed pursuant to Article 17(2) and Article 19; … – 8 – (i) to impose an administrative fine pursuant to Article 83, in addition to, or instead59 KB (8,242 words) - 10:47, 17 March 2021
- Tietosuojavaltuutetun toimisto (Finland) - 8422/161/21 (category Article 12(1) GDPR)administrative fine pursuant to Article 83(5)(b) (breach of Article 15) and Article 83(6) (non-compliance with an order issued pursuant to Article 58(2)) of the General74 KB (11,917 words) - 06:52, 27 September 2023
- VGH München - 7 CE 20.1822 (category Article 4(1) GDPR)legal protection, reporting, SARS Cov-2, information, information request, COVID-19, interest in information, health data, pandemic lower court: VG Ansbach25 KB (3,916 words) - 12:37, 31 January 2022
- FG Berlin-Brandenburg - 16 K 2059/21 (category Article 14(5)(b) GDPR)requested information is annex information within the meaning of Article 15(1)(c) of the GDPR to the general data information pursuant to Article 15(1) of117 KB (19,778 words) - 14:27, 13 April 2022
- LG Feldkirch - 57 Cg 30/19b - 15 (category Article 9(1) GDPR)plaintiff with any further information beyond the information provided in accordance with his requests for information and the information contained in the letters69 KB (11,077 words) - 16:48, 7 March 2022
- First-tier Tribunal - Clearview AI Inc. v ICO (category Article 3(2)(b) GDPR)of Article 3(2)(b) (UK) GDPR. Also, the controller claimed that the material scope of (UK) GDPR was not satisfied, as Article 2(2)(a) GDPR (Article 3(2A)99 KB (16,103 words) - 08:41, 25 October 2023
- IP (Slovenia) - 0611-608/2021/9 (category Article 4(1) GDPR)of the Information Commissioner Act (Official Gazette of the Republic of Slovenia, No. 113/2205, 51/07 – ZUstS- A (hereinafter: ZInfP), Article 54 of the23 KB (3,551 words) - 17:15, 23 February 2022
- of the Data Protection Act 1988 as amended by the Data Protection Act 2003. These have now been replaced by the Data Protection Act 2018 which gives effect64 KB (9,589 words) - 16:15, 1 June 2022
- IP (Slovenia) - 0611-623/2021/10 (category Article 5 GDPR)violated Article 5, Article 12 and Article 13 GDPR. Therefore, the DPA ordered the controller to provide all the information referred to in Article 13(1)30 KB (4,690 words) - 04:23, 23 June 2022
- VG Wiesbaden - 6 L 738/21.WI (category Article 4(7) GDPR)inadmissible according to Article 48, and Article 49 GDPR. Because Akamai is an American company, it is subject to the US Cloud Act, and therefore obliged35 KB (5,925 words) - 09:07, 22 December 2021
- BVwG - W176 2247262-1 (category Article 57(4) GDPR)details. Postal address: Erdbergstrasse 192 – 196 1030 Vienna Phone: +43 1 601 49-0 Fax: + 43 1 711 23-889 15 41 Email: einlaufstelle@bvwg.gv.at www.bvwg.gv.at20 KB (3,055 words) - 15:41, 29 June 2022
- GHSHE (Netherlands) - 200.274.447 01 (category Article 5 GDPR)compelling reasons within the meaning of Article 9 of the protocol on monitoring systems. That article reads as follows: "Article 9 Articles 05 to 08 do not affect60 KB (10,118 words) - 15:12, 5 October 2021
- officially consolidated text, hereinafter ZVOP-1), and 2 Article 43 of the Information Commissioner Act (Official Gazette RS, No. 113/05, hereinafter ZInfP)29 KB (4,524 words) - 14:47, 17 March 2022
- VG Cottbus - VG 4 K 1191/19 (category Article 4(2) GDPR)State Commissioner for Data Protection and Freedom of Information, on the other hand, has agreed with the view of the Bavarian State Commissioner for Data75 KB (12,396 words) - 12:11, 30 March 2022
- EDPB - Binding Decision 5/2022 - 'Whatsapp' (category Article 4 GDPR)should have found an infringement of Article 6 GDPR 102or Article 6(1)(b) GDPR. As the IE SA considered that Article 6(1)(b) GDPR was not breached, the objections289 KB (33,568 words) - 15:00, 1 February 2023
- IP - 0613-438/2019/16 (category Article 32 GDPR)and 8 of the Information Commissioner Act (Official Gazette of the Republic of Slovenia, No. 113/05 et seq .; hereinafter ZInfP), Article 54 of the Personal29 KB (4,686 words) - 17:32, 25 April 2021
- irregularity. C. On the breach of Article 82 of the Data Protection Act 26. Under Article 82 of the Data Protection Act, transposing Article 5(3) of the ePrivacy Directive45 KB (7,227 words) - 10:03, 1 February 2023
- VG Neustadt an der Weinstraße - 3 L 763/22.NW (category Article 6(1)(e) GDPR)State Statistics Act (LStatG) in conjunction with Section 1 (1) of the Rhineland-Palatinate Implementation Act for the 2022 Census Act of February 3rd,54 KB (8,511 words) - 09:03, 16 December 2022
- CNIL (France) - SAN-2022-024 (category Article 3 GDPR)EU (Article 3(1) GDPR) and the controller did not offer services to data subjects in the EU (Article 3(2)(a) GDPR). The DPA concluded that Article 3(2)(b)30 KB (4,714 words) - 10:34, 4 January 2023
- LG München I - 33 O 5976/22 (category Article 6(1)(b) GDPR)based on Article 6(1)(b) GDPR, as the disclosure was not necessary for the performance of the telecommunication contract. Concerning Article 6(1)(f) GDPR65 KB (9,647 words) - 11:40, 4 October 2023
- VSRS - VSRS Sodba IV Ips 2/2021 (category Article 83 GDPR)paragraph of Article 91 of the Personal Data Protection Act (hereinafter: ZVOP-1) in connection with point 1 of the first paragraph of Article 91 Article ZVOP-130 KB (4,982 words) - 14:27, 17 September 2021
- VG Weimar - 3 K 1832/20 We (category Article 80 GDPR)notification of November 24, 2020 issued by the State Commissioner for Data Protection and Freedom of Information (defendant) as part of a complaints procedure28 KB (4,687 words) - 10:02, 14 September 2022
- NS - 30 Cdo 3909/2023-174 (category Article 85 GDPR)Chapter Five (mainly Article 36, paragraph 1, Article 38, paragraph 2) of the Charter and as a result also in violation of Article 95, paragraph 1 of the103 KB (16,947 words) - 08:34, 24 April 2024
- VG Köln - 13 L 1707/21 (category Article 4(2) GDPR)processing according to Article 4(2) GDPR In its decision, the court considered only the list of examples laid down in Article 4(2) GDPR, although the15 KB (2,273 words) - 15:58, 18 March 2022
- VG Mainz - 1 K 467/19.MZ (category Article 4(2) GDPR)constituted health data under Article 9(1) and Article 4(15) GDPR but the transfer was nevertheless admissible pursuant to Article 9 GDPR, as the strict requirements34 KB (5,514 words) - 15:11, 22 March 2022
- IP (Slovenia) - 0611-10/2021/11 (category Article 6(1)(f) GDPR)of the Information Commissioner Act (Official Gazette of the Republic of Slovenia, No. 113/2205, 51/2007 – ZUstS- Hereinafter: ZInfP), Article 54 of the53 KB (8,475 words) - 11:00, 7 July 2021
- CNPD (Luxembourg) - Délibération n° 17FR/2021 (category Article 5(1)(c) GDPR)non-compliance with the requirements of Article 5.1.c) of the GDPR and non-compliance with the requirements of article 5.1.e) of the GDPR. 10. On February44 KB (6,212 words) - 08:28, 16 June 2021
- CNIL (France) - SAN-2022-018 (category Article 5(1)(e) GDPR)determining the amount of the fine, the criteria specified in the same article 83. " 43. Article 83 of the GDPR provides that “Each supervisory authority shall36 KB (5,637 words) - 18:59, 21 September 2022
- NAIH (Hungary) - NAIH/2020/1154/9 (category Article 6(1)(f) GDPR)generalArticle 5 (1) (a), (b), (d) and (e) of the Data Protection Regulation, Article 6 (1) (f)Article 13 (2) (f) and Article 14 (2) (g), Article 14 (1)192 KB (30,170 words) - 10:11, 17 November 2023
- CNIL (France) - SAN-2021-012 (category Article 14 GDPR) (section On the information of data subjects)to which it falls”. 46. Article 8-2° of the Data Protection Act further specifies that “the National Commission for Information Technology and Freedoms55 KB (8,897 words) - 13:56, 21 November 2023
- LfD (Lower Saxony) - 4.2 05475-02-0301/21 (category Article 6(1)(a) GDPR)violated Article 6(1)(a) GDPR. The DPA also stated that in the first layer of the cookie-banner at least the following pieces of information should be35 KB (5,593 words) - 08:56, 9 January 2024
- OLG München - 18 U 2822/19 Pre (category Article 4 GDPR)in that Article (loc. cit., para. 32). § Section 13(6) of the Telemedia Act introduces a rule-exception relationship not contained in Article 7(f) of Directive59 KB (9,846 words) - 14:03, 20 September 2021
- CNIL (France) - SAN-2021-022 (category Article 5(1) GDPR)amended Act No. 78-17 of 6 January 1978 on data protection (hereinafter “the amended Act of 6 January 1978” or “the French Data Protection Act”). 5. In49 KB (7,295 words) - 10:16, 10 July 2022
- Datatilsynet (Norway) - 20/02136 (notification) (category Article 6(1) GDPR)to freedom of information requests under the Norwegian Freedom of Information Act. Kind regards Bjørn Erik Thon Data Protection Commissioner Jeanette Dyrkorn77 KB (11,517 words) - 10:36, 22 October 2022
- CNIL (France) - SAN-2021-014 (category Article 16 GDPR)decision A. On the concept of personal data 22. Article 4.1 of the GDPR defines "personal data" as "any information relating to an identified or identifiable37 KB (6,021 words) - 07:23, 23 September 2021
- VG Düsseldorf - 29 K 7031/19 (category Article 77 GDPR)fact: 2The plaintiff seeks the defendant State Commissioner for Data Protection and Freedom of Information (LDI) as the data protection supervisory authority27 KB (4,391 words) - 13:32, 20 November 2021
- IP (Slovenia) - 0611-182/2021/23 (category Article 5(1)(b) GDPR)Date: 24 May 2023 Information Commissioner (hereinafter: IP) ...issuance based on Articles 2 and 8 of the Information Commissioner Act (Official Gazette53 KB (8,251 words) - 08:30, 27 September 2023
- CNIL (France) - SAN-2024-003 (category Article 4(11) GDPR)that there was no breach of Article 32 GDPR. Thus, the CNIL imposed a €310,000 fine on the controller for breaching Article 6 GDPR. To grasp the notion52 KB (8,208 words) - 10:44, 13 March 2024
- CNIL (France) - SAN-2024-004 (category Article 4(11) GDPR)provide all the information required by Article 14 GDPR and did not offer the possibility to the data subject to obtain more complete information. Thus, the69 KB (10,971 words) - 11:00, 17 April 2024
- CNIL (France) - SAN-2022-009 (category Article 28 GDPR)service do not contain any of the information required by this article. Likewise, it notes that the required information does not appear either in the maintenance52 KB (8,268 words) - 13:02, 27 April 2022
- PHR - 22/01253 (category Article 15 GDPR)sensitive or personal information but potentially includes any kind of information, both objective information and subjective information in the form of opinions241 KB (42,617 words) - 14:14, 13 September 2022
- CNIL (France) - SAN-2023-023 (category Article 5(1)(e) GDPR)failure to comply with the obligations of article 82 of the Data Protection Act 58. Article 82 of the Data Protection Act provides that: “any subscriber or user60 KB (9,512 words) - 10:08, 31 January 2024
- CNIL (France) - SAN-2022-017 (category Article 12(1) GDPR)include the information required by article 13 of the GDPR. to take any steps to take cognizance of the information provided to the under Article 13 of the59 KB (8,323 words) - 11:51, 31 August 2022
- Datatilsynet (Norway) - 20/01727 (category Article 5(1)(f) GDPR)personal data, cf. Article 28 (3), Article 32 (2) of the Privacy Regulation, cf. Article 5 (1) (f) and Article 5 No. 2, and Article 44 for a period between53 KB (7,990 words) - 08:37, 6 October 2021
- DPC - C-19-X-XXX Ryanair DAC - November 2020 (category Article 4(22) GDPR)conferred on the DPC by section 113(2)(a) of the Data Protection Act 2018 (“the Act”) and Article 60 of the General Data Protection Regulation (“GDPR”). Preliminary35 KB (4,975 words) - 20:43, 5 May 2021
- NAIH (Hungary) - NAIH-4667-10/2022 (category Article 10 GDPR)the CXII of 2011 on the right to self-determination of information and freedom of information. Act (hereinafter: Infotv.) to provide the right of access62 KB (9,999 words) - 10:21, 7 December 2022
- CNIL (France) - SAN-2023-015 (category Article 7(1) GDPR)of Article 12 GDPR, Article 13 GDPR, Article 14 GDPR, Article 15 GDPR, Article 28 GDPR, Article 32 GDPR and Article 33 GDPR, as well as of Article L. 34-567 KB (10,546 words) - 13:55, 25 October 2023
- DPC (Ireland) - IN-19-7-6 (category Article 17 GDPR)Registers, in accordance with Article 16 GDPR; • The Archbishop must comply with his obligations under Article 12(3) and Article 12(4) of the GDPR in order513 KB (85,155 words) - 13:25, 8 July 2023
- DPC - Health Service Executive - August 2020 (IN-19-9-1) (category Article 5(1)(f) GDPR)Section 111 of the Data Protection Act 2018 (“the 2018 Act”). I make this Decision having considered the information obtained in the separate own volition142 KB (23,134 words) - 15:51, 19 July 2021
- HDPA (Greece) - 44/2019 (category Article 5(1) GDPR)be made in accordance with the provisions of Article 404 SOX Act. Specifically, with Article 404 SOX Act 36 introduces the obligation and responsibility127 KB (21,184 words) - 15:39, 6 December 2023
- CNIL (France) - Deliberation SAN-2022-024 of December 20, 2022 (category Article 4(11) GDPR)cookie from the consent exemptions of the Article 82 of the French Data Protection Act (implementing Article 5 of the ePrivacy-Directive), which is only73 KB (11,822 words) - 11:58, 11 January 2023
- UODO (Poland) - DKN.5131.31.2022 (category Article 5(1) GDPR)for infringements of Articles 5(1)(f) and 5(2) GDPR as well as Article 25(1) and Article 32(1) GDPR. First, the controller did not ensure adequate security71 KB (11,306 words) - 10:51, 22 January 2024
- CNIL (France) - Deliberation of the restricted training n°SAN-2022-021 of November 24, 2022 concerning the company ELECTRICITÉ DE FRANCE (category Article 5 GDPR)the right to obtain any available information as to the source of the data pursuant to Article 15(1)(g) of the GDPR. 43. Therefore, the restricted panel52 KB (8,315 words) - 21:54, 6 March 2024
- CNIL (France) - SAN-2021-019 (category Article 5(1)(c) GDPR)proportionate to the purpose of the processing pursuant to Article 5.1.e of the GDPR 43. Under the terms of Article 5.1.e of the Regulation, personal data must be57 KB (9,375 words) - 14:23, 15 November 2021
- CNIL (France) - SAN-2023-009 (category Article 7(1) GDPR)specified in the same article 83". 148. Article 83 of the GDPR, as referred to in Article 20, paragraph III, of the Data Protection Act, provides that: "Each78 KB (12,701 words) - 10:11, 28 June 2023
- EDPB - Binding Decision 4/2022 - 'Meta (Instagram)' (category Article 4 GDPR)under Article 5(1)(a) GDPR, but instead the individual contract”, whichis incompatible with Article 8 of the Charter of Fundamental Rightsand Article5(1)(a)GDPR468 KB (51,340 words) - 14:10, 30 January 2023
- VG München - M 3 E 22.667 (category Article 6(1)(c) GDPR)result is processed in accordance with Article 4, Paragraph 1, Clause 5 of the 16th BayIfSMV for the purposes of Article 4, Paragraph 1, Clause 1 and 2 of the34 KB (5,550 words) - 14:38, 15 June 2022
- Datatilsynet (Norway) - 0/02422 (category Article 5(1)(e) GDPR)and 43; (b) the obligations of the certification body pursuant to Articles 42 and 43; (c) the obligations of the monitoring body pursuant to Article 41(4)162 KB (24,007 words) - 19:41, 15 February 2023
- Garante per la protezione dei dati personali (Italy) - 9703988 (category Article 5(1)(c) GDPR)awarded (Article 167 of the RD 31 August 1933, No. 1592; Article 4, paragraph 3, of the Ministerial Decree of 22 October 2004, No. 270 and Article 7 , paragraph222 KB (35,993 words) - 09:52, 20 October 2021
- privacy in information published in the Article and that the media organisation misused their private information by publishing the article. Applying the137 KB (20,826 words) - 14:03, 23 February 2022
- Personvernnemnda (Norway) - 2018-14 (15/01355) (category Article 4(11) GDPR)particular categories of personal information in Article 9. It is only when the information provides additional information, for example that the doctor you144 KB (23,058 words) - 18:48, 5 March 2022
- VG Karlsruhe - 7 K 2578/22 (category Article 15(1) GDPR)email. He also requested information on the following questions in accordance with Section 7 of the State Freedom of Information Act (LIFG):1. Do examinees83 KB (13,935 words) - 10:24, 17 January 2024
- Court of Appeal - (2021) IECA 53 (category Article 4(11) GDPR)Family Home Protection Act, 1976 (‘the Act of 1976’) and that the mortgage of the properties therein is not affected by the Act of 1976 because [A.] was136 KB (23,256 words) - 13:47, 29 April 2021
- CNIL (France) - SAN-2023-021 (category Article 5(1)(c) GDPR)them, several pieces of information listed in the same article. The Regulation does not prescribe the form in which this information must be provided. In115 KB (18,607 words) - 11:00, 6 February 2024
- AEPD (Spain) - PS/00416/2019 (category Article 6 GDPR)Protection Officer (Information Commissioner). The transfer of thisclaim to the AEPD is made in accordance with the provisions of article 56 of theC / Jorge206 KB (32,869 words) - 14:36, 13 December 2023
- London LLP) 1st Intervener (Information Commissioner) Gerry Facenna QC Nikolaus Grubeck (Instructed by Information Commissioner’s Office) 2nd Intervener (Open169 KB (26,941 words) - 08:48, 25 November 2021
- LAG Mecklenburg-Western Pomerania - 5 Sa 108/19 (category Article 37 GDPR)6 In a letter dated July 10, 2015, the State Commissioner for Data Protection and Freedom of Information Mecklenburg-Western Pomerania informed the plaintiff48 KB (7,320 words) - 12:44, 4 October 2021
- CNIL (France) - SAN-2021-021 (category Article 12 GDPR)to "basic" information and not to sensitive information. 104. First of all, the restricted training recalls that, in application of article 32 of the RGPD69 KB (11,291 words) - 15:15, 19 January 2022
- APD/GBA (Belgium) - 77/2023 (category Article 5(1)(a) GDPR)of the provisions as set out in Article 95, § 2 and Article 98 of the LCA. They are also informed, pursuant to Article 99 of the LCA, of the deadlines150 KB (22,339 words) - 09:50, 21 June 2023
- CNPD (Luxembourg) - Délibération n° 38FR/2021 (category Article 37(7) GDPR)(DPO) under Section 4 of Chapter 4 of the GDPR (see in particular Article 37 GDPR to Article 39 GDPR). One of these audit proceedings concerned a Luxembourg81 KB (11,895 words) - 16:58, 6 December 2023
- APD/GBA (Belgium) - 85/2022 (category Article 4(11) GDPR)neither was this information was available to those involved. Article 13(2)(a) GDPR and Article 14(2)(a) GDPR clearly state that information must be given171 KB (24,826 words) - 15:55, 18 June 2022
- VG Gelsenkirchen - 20 K 6392/18 (category Article 12(5) GDPR)had provided free of charge. In doing so, he referred to Article 15 (3) in conjunction with Article 12 (5) of Regulation (EU) 2016/679 of the European Parliament98 KB (16,595 words) - 15:50, 17 March 2022
- EDPB - Urgent Binding Decision 1/2021 - 'WhatsApp' (category Article 5(1)(a) GDPR)violates Article 5(1), Article 6(1) and Article 12(1) GDPR. Therefore the DE-HH SA adopted, on 10 May 2021, provisional measures under Article 66(1) GDPR188 KB (31,298 words) - 12:31, 20 January 2023
- CNIL (France) - SAN-2023-024 (category Article 6(1) GDPR)breaches of the provisions of article 82 of the Data Protection Act 60. Under the terms of article 82 of the Data Protection Act: “Any subscriber or user of76 KB (12,140 words) - 13:55, 28 February 2024
- OLG Köln - 6 U 58/23 (category Article 44 GDPR)according to the Federal Commissioner for Data Protection and Freedom of Information (BfDI), “a blanket registration of information such as the entry and118 KB (19,824 words) - 10:49, 6 February 2024
- Protection 23. The claimant relies on Article 82, as supplemented by s.168 of the Data Protection Act 2018. Article 82 of the UK-GDPR provides data subjects61 KB (8,986 words) - 08:40, 22 February 2022
- OLG Koblenz - 5 U 2141/21 (category Article 82 GDPR)examined Article 81 of the GDPR, but not the actually relevant Article 82 of the GDPR. The claims asserted in the counterclaim under Article 82 of the81 KB (13,639 words) - 18:14, 7 June 2022
- APD/GBA (Belgium) - 04/2021 (category Article 5(1) GDPR)the GDPR, in particular Article 5 (1) GDPR, article 24 and article 28 GDPR, all this based on article 58.2, d) GDPR and article 100, §1, 9 ° WOG, within113 KB (18,732 words) - 16:50, 12 December 2023
- Rb. Amsterdam - C/13/687315 / HA RK 20-207 (category Article 4(1) GDPR)the request for further information under Article 15(1)(h). Request for additional information: As Uber provided further information on processing purposes82 KB (14,053 words) - 16:25, 25 March 2021
- CNPD (Luxembourg) - Délibération n°18FR/2021 (category Article 38(1) GDPR)chief investigation relates to Article 38.1 of the GDPR so that the explanations of the agent of the controlled under Article 37.2 of the GDPR are not relevant57 KB (8,374 words) - 08:31, 16 June 2021
- APD/GBA (Belgium) - 07/2024 (category Article 5(1)(c) GDPR)Transparency towards those involved (Article 12.1, Article 13.1 and 13.2, Article 14.1 and 14.2, Article 5.2, Article 24.1, and Article 25.1 GDPR) 57 II.4.1. Position350 KB (51,369 words) - 09:25, 31 January 2024
- DPC (Ireland) - WhatsApp Ireland Limited - IN-18-12-2 (category Article 4(1) GDPR) (section Article 13(1)(a) - the identity and contact details of the controller)with the information prescribed by Article 14 GDPR. Second, it held WhatsApp failed to provide users with sufficiently meaningful information regarding830 KB (115,261 words) - 15:37, 22 February 2022
- OLG München - 18 U 5493/19 Pre (category Article 99(2) GDPR)Telemedia Act was passed in 2006, the data protection provisions of the Teleservices Data Protection Act were incorporated unchanged into the new Act (BT-Drucks58 KB (9,657 words) - 14:01, 20 September 2021
- AEPD (Spain) - PS/00467/2020 (category Article 5(1)(d) GDPR)conferred by article 58.1 of the RGPD and article 67 of the LOPDGDD. " The expiration of the previous actions was already included in article 122.4 of the149 KB (24,924 words) - 10:55, 11 August 2021
- AEPD (Spain) - PS/00500/2020 (category Article 4(4) GDPR)the provided information was not enough. Therefore, consent was not valid as a legitimate basis from Article 6(1) GDPR, in relation to Article 7 GDPR, and408 KB (64,616 words) - 14:28, 24 November 2022
- Datatilsynet (Norway) - 21/03126 (category Article 33(1) GDPR)purposes of Article 4(16) GDPR." Consequently, the DPA concluded that the cooperation mechanism and procedure set out in Article 56(1) GDPR and Article 60 GDPR133 KB (19,309 words) - 05:16, 24 March 2023
- NAIH (Hungary) - NAIH-5114-35/2022 (category Article 5(1)(e) GDPR)fully complies with Article 12 (1) of the GDPR and Article 13 of the GDPR. article, and take it into account when developing the information practice Regarding146 KB (22,679 words) - 15:52, 3 May 2023
- violation of Article 5.1.c) of the GDPR, Article 6 of the GDPR, Article 9 of the GDPR, Article 12 of the GDPR, Article 35 of the RGPD, Article 13 of the RGPD337 KB (50,591 words) - 15:29, 5 August 2021