Search results
From GDPRhub
- Article 57 GDPR (category GDPR Articles) (section (a) Monitor and enforce the application of the GDPR)commentary to Article 60 GDPR, Article 61 GDPR, Article 62 GDPR, Article 63 GDPR, Article 64 GDPR, Article 65 GDPR, Article 66 GDPR and Article 56 GDPR. The SA60 KB (7,796 words) - 20:12, 1 April 2024
- CJEU - C-416/23 - Request for interpretation of a legal provision under Article 267 TFEU (category Article 57(4) GDPR)within the meaning of Article 57(4) GDPR is not defined more precisely in the GDPR. Nonetheless, Article 57(2) GDPR and Article 57(3) GDPR suggest that the6 KB (766 words) - 13:27, 11 November 2023
- BVwG - W253 2246873-1 (category Article 57(4) GDPR)Data Protection Regulation in further consequence GDPR) read in extracts as follows: "Article 57 (4) GDPR In the case of manifestly unfounded or excessive14 KB (2,100 words) - 16:37, 7 March 2022
- DSB (Austria) - 2023-0.137.735 (category Article 57(4) GDPR)because it is obviously unfounded Legal basis: Article 51 (1), Article 57 (1) (f), Article 57 (4) and Article 77 (1) of Regulation (EU) 2016/679 (General10 KB (1,463 words) - 15:29, 7 August 2023
- BVwG - W245 2226261-1 (category Article 57(4) GDPR)13 et seq. GDPR and the right to information pursuant to Art. 15 GDPR was complete, incorrect and untimely. According to Art. 57 Para. 4 GDPR, last sentence16 KB (2,346 words) - 16:17, 18 May 2022
- BVwG - W176 2247262-1 (category Article 57(4) GDPR)raise his data protection complaint in accordance with Article 57 (4) GDPR. Art. 57 Para. 4 GDPR standardizes that the supervisory authority in the case20 KB (3,055 words) - 15:41, 29 June 2022
- BVwG - W292 2248134-1 (category Article 57(4) GDPR)an alleged violation of Article 15 GDPR by one of the controllers. The DPA dismissed the claim on the basis of Article 57(4) GDPR. According to such provision28 KB (4,409 words) - 09:54, 25 April 2023
- APD/GBA (Belgium) - 47/2024 (category Article 57(4) GDPR)meaning of article 57.4 of the GDPR; and decides to close the complaint without further action 8 for reasons of opportunity (criterion B.4). 21. The Litigation19 KB (2,654 words) - 08:43, 3 April 2024
- APD/GBA (Belgium) - 165/2022 (category Article 57(4) GDPR)violation of Article 5 (1) (a) and (2) GDPR, Article 6 (1) GDPR and Article 24 (1) of the GDPR; and - no violation of Article 12 (1) GDPR, Article 13 (1) and28 KB (4,010 words) - 13:40, 14 December 2022
- APD/GBA (Belgium) - 149/2022 (category Article 57(4) GDPR)Violations of Article 5(1)(a) GDPR and Article 6(1) GDPR The DPA held that the controller did not violate Article 5(1)(a) GDPR and Article 6(1) GDPR. The DPA89 KB (13,017 words) - 15:07, 2 November 2022
- Garante per la protezione dei dati personali (Italy) (section Ex Officio Procedures under Art 57 GDPR)Garante. For example, Article 3 reiterates the general principles of fairness and transparency of the proceeding before the DPA. Article 12 ensures a right7 KB (808 words) - 08:17, 16 February 2023
- exercise on their behalf all rights foreseen under Articles 77 and 78 GDPR and Article 20 of L. 4624/2019. The mandate shall be given with a specific written23 KB (2,039 words) - 08:15, 25 April 2024
- Article 23 GDPR (category GDPR Articles) (section Consultation with the DPAs (Articles 36(4) and 57(1)(c) GDPR))access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction of processing (Article 18 GDPR), notification obligation44 KB (4,896 words) - 06:25, 16 June 2023
- Article 77 GDPR (category GDPR Articles)compliance with the GDPR under Article 58(2)(d) GDPR or even ban it under Article 58(2)(f) GDPR. Therefore, complaints under Article 77 GDPR should extend to33 KB (3,641 words) - 09:51, 19 March 2024
- Protection Act 2018 confers upon the Commissioner the tasks listed under Article 57 GDPR. However, the Act does not further elaborate on the scope of these tasks18 KB (2,488 words) - 15:22, 14 December 2021
- fulfilment of its tasks. In this regard, Article 31 GDPR must be read in line with Articles 57 and 58 GDPR. Article 57 GDPR outlines the extensive tasks afforded22 KB (2,042 words) - 14:29, 20 November 2023
- in force for more than 4 years after the GDPR’s entrance into force. Responding to requests regarding the applicability of the GDPR in Slovenia, the IP issued10 KB (1,242 words) - 10:51, 6 February 2024
- Article 58 GDPR (category GDPR Articles) (section (d) Order to bring processing in compliance with the GDPR)access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction (Article 18 GDPR), notification (Article 19 GDPR) or data46 KB (5,825 words) - 11:12, 7 November 2023
- at/dam/jcr:ee7b155a-0a1f-4d00-98e9-902314c7022d/Datenschutzbericht%202022.pdf Report: Europe’s governments are failing the GDPR by Brave, page 6 - https://brave11 KB (1,468 words) - 13:27, 14 May 2023
- motion. Its powers are described under Article 8 of the law "Informatique et Libertés". Under Article R311-1(4) of the French code of administrative justice8 KB (824 words) - 22:52, 27 February 2024
- are dealt with in Article 12(6) GDPR. It is unclear why Article 12(2) GDPR refers to Articles 15 to 22 GDPR, while Article 11(2) GDPR only refers to Articles76 KB (11,304 words) - 08:37, 4 March 2024
- Article 78 GDPR (category GDPR Articles) (section (4) Information on preceding EDPB opinion or decision)or infringes the GDPR or any other applicable laws, including national ones. See commentary under Article 77 GDPR. Article 78(1) GDPR establishes both30 KB (3,874 words) - 10:46, 7 December 2023
- APD/GBA (Belgium) - 25/2024 (category Article 5(1)(d) GDPR)obligation in accordance with Article 5.1a) GDPR, in conjunction with Article 13 GDPR has not been fulfilled. 23. In accordance with Article 95, § 2, 3° of the WOG24 KB (3,474 words) - 13:30, 14 February 2024
- Article 55 GDPR (category GDPR Articles)which would be competent under Article 55(1) GDPR, as provided in Article 56 GDPR in connection with Article 60 GDPR. For more information see commentary35 KB (3,971 words) - 21:34, 1 April 2024
- organisation-fined-for-gdpr-rule-breach-1.4255692?mode=amp https://www.irishlegal.com/article/tusla-fined-40-000-in-second-gdpr-breach https://www.dataprotection8 KB (1,034 words) - 14:13, 20 August 2021
- meaning of Article 4(7) and (8) GDPR can be liable for compensation. A claim for damages first requires an infringement of the GDPR. Article 82 GDPR does not33 KB (4,215 words) - 09:57, 19 March 2024
- Article 65 GDPR (category GDPR Articles) (section (4) Supervisory authorities (SAs) prohibited to adopt any measure during the procedure)lead SA (“LSA”) (Article 65(1)(b) GDPR), and where a SA is not following an opinion of the EDPB (Article 6(1)(c) GDPR). Article 65(1)(a) GDPR addresses the33 KB (4,185 words) - 16:09, 2 November 2023
- Article 15 GDPR (category GDPR Articles) (section Additional information under Article 15(1)(a) to (h))a "filing system" within the meaning of Article 4(6) GDPR. See also Article 2(1) GDPR on the scope of the GDPR when it comes to non-automated filing systems73 KB (9,896 words) - 15:46, 18 March 2024
- Article 5 GDPR (category GDPR Articles)consent under Article 6(4) GDPR and further processing for a compatible purpose under Article 6(4) GDPR. See the commentary on Article 6(4) GDPR for details51 KB (6,355 words) - 08:25, 18 April 2024
- Article 59 GDPR (category GDPR Articles)accordance with Article 58(2) [GDPR]”. These is a reference to the information that SAs must keep in internal records according to Article 57(1)(u) GDPR. The report15 KB (718 words) - 15:31, 19 October 2023
- GDPR are Article 4(7) GDPR (definition of controller), Article 4(8) GDPR (definition of processor), Article 4(16) GDPR (definition of main establishment)55 KB (7,446 words) - 22:28, 1 April 2024
- incompatible with the office. Article 52(4) GDPR and Article 52(6) GDPR establish the framework for SAs financial governance. Article 52(4) GDPR stipulates that SAs47 KB (5,594 words) - 22:45, 1 April 2024
- Article 43 GDPR (category GDPR Articles)Recital 167 GDPR and Article 291 TFEU, the aim of implementing acts is to “ensure uniform conditions for implementing” the GDPR. In its GDPR Certification22 KB (1,634 words) - 14:40, 28 July 2023
- to § 14(1)(1)(6) BDSG the BfDI is responsible for complaints under Article 77 GDPR. The BfDI has to inform the complainant about the ongoing procedure3 KB (297 words) - 14:49, 1 December 2020
- Article 61 GDPR (category Article 61 GDPR) (section (4) Conditions for a refusal to comply with an assistance request)standards of clarity (Article 61(3) GDPR). Requests are imperative and, subject to specific exceptions (Article 61(4) and (5) GDPR), must be fulfilled and24 KB (2,181 words) - 11:46, 15 January 2024
- Article 50 GDPR (category GDPR Articles)exchange of knowledge between them. This way, Article 50 GDPR expands the exhortation under Article 57(1)(g) GDPR that calls for cooperation between EU DPAs17 KB (1,142 words) - 15:41, 28 April 2022
- Article 54 GDPR (category GDPR Articles)provided for in Article 52(3) GDPR and Articles 53(3) and 53(4) GDPR. For more information on SA members and staff, please refer to Article 52(2) GDPR (SA members)34 KB (3,649 words) - 13:19, 30 October 2023
- Article 11 GDPR (category GDPR Articles) (section (1) If the data subject is not identified, the GDPR applies in part)Category:Article 11 GDPR Georgieva, in Kuner, Bygrave, Docksey, The EU General Data Protection Regulation (GDPR): A Commentary, Article 11 GDPR, p. 39520 KB (1,854 words) - 16:32, 8 March 2024
- Article 42 GDPR (category GDPR Articles) (section (3-4) Certification as a voluntary act that does not reduce compliance obligations)difference between Article 42(1) GDPR and Article 42(2) GDPR is that in the former, the applicant for certification is subject to the GDPR, while in latter27 KB (2,452 words) - 14:26, 28 July 2023
- clear from the wording of Article 41(1) GDPR. Article 41(1) GDPR does not define accreditation. Nonetheless, Article 41(2) GDPR provides a criterion against30 KB (2,720 words) - 14:02, 28 July 2023
- Article 79 GDPR (category GDPR Articles) (section Infringement of the plaintiff’s rights under the GDPR)controller (as defined under Article 4(7) GDPR) and a processor (as defined under Article 4(8) GDPR). As noted above, Article 79 GDPR imposes a two-stage cumulative31 KB (3,550 words) - 11:11, 29 November 2023
- Article 47 GDPR (category GDPR Articles)other DPAs concerned. The BCR Lead the submits, following Article 64(1) GDPR and Article 64(4) GDPR, a draft decision to the EDPB. The EDPB, in turn, issues29 KB (2,823 words) - 15:15, 28 April 2022
- the SAs' tasks, please refer to Article 57 GDPR and for their powers please refer to Article 58 GDPR. See Recital 122 GDPR. In this respect, reference should29 KB (2,894 words) - 23:06, 1 April 2024
- Article 32 GDPR (category GDPR Articles) (section (4) Natural persons acting under the authority of the controller or the processor)evaluating the effectiveness of security measures (Article 32(1)(d) GDPR). According to Article 4(5) GDPR, "pseudonymisation" means the processing of personal41 KB (5,197 words) - 12:17, 17 April 2024
- Article 99 GDPR (category Article 99 GDPR)shall apply from 25 May 2018. There is no relevant recital for Article 99 GDPR. Article 99 GDPR sets out the dates of the Regulation's entry into force and12 KB (295 words) - 08:25, 19 October 2023
- Article 29 GDPR (category GDPR Articles) (section Commonalities and differences in relation to Article 28(3)(b) GDPR)relevance of Article 29 GDPR were rooted in the fact that Article 28(3)(b) GDPR already seems to cover much of the scope of Article 29 GDPR. More specifically13 KB (674 words) - 13:15, 2 June 2023
- (see Article 52 GDPR) and shall be provided with various competencies (Articles 55, 56 GDPR), tasks (Article 57 GDPR) and powers (Article 58 GDPR). For125 KB (16,328 words) - 16:01, 8 March 2024
- Article 94 GDPR (category Article 94 GDPR)under the GDPR. → You can find all related decisions in Category:Article 94 GDPR Kühling, Raab, in Kühling, Buchner, GVO BDSG, Article 94 GDPR, margin numbers13 KB (530 words) - 09:40, 3 October 2023
- Article 97 GDPR (category Article 97 GDPR)recitals for Article 97 GDPR. Article 97 GDPR imposes a "comprehensive reporting obligation" upon the Commission. The first paragraph of Article 97 GDPR sets out16 KB (778 words) - 08:24, 19 October 2023
- performance. Article 7 GDPR regulates the "conditions for consent". It specifies the definition of consent set out in Article 4(11) GDPR and, by integrating31 KB (3,489 words) - 16:00, 8 March 2024
- Article 24 GDPR (category Article 24 GDPR) (section Shall implement appropriate technical and organisational measures to ensure GDPR compliance)(e.g. Article 25 (1) and (2), Article 28(1), Article 32(1) GDPR, Article 89(1) GDPR). These measures can also be regarded as measures under Article 24(1)30 KB (3,458 words) - 10:31, 25 April 2024
- Article 96 GDPR (category Article 96 GDPR)protected by Article 96 GDPR if it is found to be incompatible with other GDPR provisions. → You can find all related decisions in Category:Article 96 GDPR It follows13 KB (450 words) - 08:22, 19 October 2023
- Article 87 GDPR (category Article 87 GDPR)process them. This was already the case under Article 8(7) of the DPD, the precursor of Article 87 GDPR. In many Member States, the processing of NIN and15 KB (660 words) - 09:37, 1 December 2023
- Article 8 GDPR (category GDPR Articles)directly to children. As such, Article 8 GDPR stipulates additional requirements for consent by children. Article 8 GDPR applies only if the processing19 KB (1,335 words) - 13:56, 24 October 2023
- categories of data established in Article 9(2)(a) GDPR, Article 9(2)(c) GDPR, Article 9(2)(g) GDPR and Article 9(2)(i) GDPR directly correlate with a specific44 KB (5,905 words) - 14:00, 24 October 2023
- Article 25 GDPR (category GDPR Articles)Protection Regulation (GDPR): A Commentary, Article 25 GDPR, p. 577 (Oxford University Press 2020). EDPB, 'Guidelines 4/2019 on Article 25 Data Protection43 KB (4,675 words) - 06:43, 16 June 2023
- Article 67 GDPR (category Article 67 GDPR)Category:Article 67 GDPR See EDPB, State of Play - IMI for GDPR purposes, 27 June 2018 (available here). See EDPB, 2019 Annual Report, Section 4.3.1 (available15 KB (810 words) - 16:13, 2 November 2023
- Article 76 GDPR (category Article 76 GDPR)Article 76 GDPR, p. 1111-1112 (Oxford University Press 2020). Docksey, in Kuner et al., The EU General Data Protection Regulation (GDPR), Article 76 GDPR, p.15 KB (787 words) - 08:17, 19 October 2023
- Protection Regulation (GDPR), Article 75 GDPR, p. 1105 (Oxford University Press 2020). Dix, in Kühling, Buchner, DS-GVO BDSG, Article 75 GDPR, margin number 620 KB (1,347 words) - 14:21, 17 October 2023
- Article 19 GDPR (category GDPR Articles)disclosed to per Article 4(9) GDPR. Article 19 does not establish any specific time requirement for notification. However, since the purpose of Article 19 is to19 KB (1,436 words) - 12:35, 12 May 2023
- Article 74 GDPR (category Article 74 GDPR)decisions in Category:Article 74 GDPR For more on this point, see Article 72 GDPR. Dix in Kühling, Buchner, DS-GVO BDSG, Article 74 GDPR, margin number 7 (C15 KB (808 words) - 09:44, 17 October 2023
- 62(7) GDPR, the reference to the EDPB is mandatory. The authority addressed under Article 66(1)-(2) GDPR is the CSA within the meaning of Article 4(22) GDPR20 KB (1,590 words) - 16:11, 2 November 2023
- Article 69 GDPR (category Article 69 GDPR)proposed amendments to the GDPR (pursuant to Article 70(1)(b) GDPR). Although not explicitly mentioned in Article 69(2) GDPR, the requirement that the Board18 KB (1,327 words) - 12:36, 14 December 2023
- Article 48 GDPR (category GDPR Articles)subject to the GDPR or, in cases where they are not established in the EU, act within the material and territorial scope of the GDPR. Article 48 GDPR refers to14 KB (716 words) - 15:19, 28 April 2022
- Article 98 GDPR (category Article 98 GDPR)accordance with Article 98'. → You can find all related decisions in Category:Article 98 GDPR The CJEU has yet to rule on Article 98 GDPR. Nonetheless, the15 KB (943 words) - 09:58, 8 November 2023
- Article 10 GDPR (category GDPR Articles)from Article 6(1) GDPR and comply with the principles enshrined in Article 5 GDPR. Additionally, the processing will still be subject to other GDPR provisions17 KB (1,768 words) - 15:41, 18 March 2024
- Article 63 GDPR (category Article 63 GDPR)to in Article 46(2)(d) GDPR, contractual clauses referred to in Article 46(3)(a) GDPR, or binding corporate rules within the meaning of Article 47 GDPR15 KB (851 words) - 06:55, 29 April 2022
- Article 93 GDPR (category Article 93 GDPR) (section (2) Examination procedure under Article 5 of Regulation (EU) No. 182/2011)unlike delegated acts made under Article 92 GDPR. Article 93(2) GDPR explicitly provides for the application of Article 5 of Regulation (EU) No 182/201117 KB (1,096 words) - 08:19, 19 October 2023
- Article 95 GDPR (category Article 95 GDPR)situation, Article 95 GDPR will not be relevant, and the GDPR applies as normal. Notably, Recital 173 GDPR, which relates to Article 95 GDPR, omits reference20 KB (1,539 words) - 08:21, 19 October 2023
- Article 71 GDPR (category Article 71 GDPR)practices published under Article 70(3) GDPR. Though Article 70(3) GDPR already obliges the EDPB to make these public, Article 71(2) GDPR ensures that the public15 KB (1,196 words) - 08:15, 19 October 2023
- Article 16 GDPR (category GDPR Articles)please refer to Article 19 GDPR. If the controller declines to rectify the data, they must provide reasons for their decision (Article 12(4) GDPR). The data23 KB (2,489 words) - 23:24, 6 March 2024
- decisions pursuant to Article 65 GDPR (Article 70(1)(t) GDPR). Article 68 GDPR is the first of nine Articles (Articles 68-76 GDPR) governing the EDPB set20 KB (1,632 words) - 10:01, 11 October 2023
- Article 92 GDPR (category Article 92 GDPR) (section (2) Delegation of power under Article 12(8) and 43(8) GDPR)objections pursuant to Article 92(5) GDPR. Article 92(5) GDPR imposes a further condition for the delegation of power, in line with Article 290(2)(b) TFEU. A19 KB (1,525 words) - 08:18, 19 October 2023
- Article 44 GDPR (category GDPR Articles)important to note that Article 13(1)(f) GDPR, Article 14(1)(f) GDPR, Article 15(1)(c) GDPR and Article 15(2) GDPR, make specific reference to transfers of personal21 KB (1,831 words) - 08:51, 27 March 2023
- 64(2) GDPR). The remaining paragraphs of Article 64(3)-(8) GDPR lay down substantive rules and a detailed procedure for the EDPB’s opinions. Article 64(1) GDPR23 KB (2,079 words) - 16:07, 2 November 2023
- conduct under Article 83 GDPR should be excluded from penalties issued under Article 84 GDPR is debated. Whilst the wording of the GDPR is simply unclear19 KB (1,477 words) - 14:12, 7 November 2023
- Article 60 GDPR (category GDPR Articles) (section (4) Objection by supervisory authority concerned (CSA) and procedure where it is not followed)resolution mechanism under Article 65 GDPR in connection with Article 63 GDPR is triggered (Article 60 (4) GDPR). Article 60(2) GDPR clarifies that also in35 KB (4,017 words) - 16:04, 18 March 2024
- Regulation (GDPR): A Commentary, Article 38 GDPR, p. 707 (Oxford University Press 2020). Bergt, in Kühling, Buchner, DS-GVO BDSG, Article 38 GDPR, margin number29 KB (2,951 words) - 14:19, 25 July 2023
- Article 73 GDPR (category Article 73 GDPR)simple majority principle under Article 72(1) GDPR would have applied regardless of Article 73(1) GDPR. In addition, the GDPR explicitly legislates for a simple19 KB (1,530 words) - 14:23, 12 October 2023
- Article 27 GDPR (category GDPR Articles) (section (a) Processing Which is Occasional and Does Not Include Data in the Sense of Articles 9 and 10 GDPR)with the GDPR (Article 31 GDPR). Direct liability of the representative is limited to the obligations set out in Article 30 and Article 58(1)(a) GDPR. Article25 KB (2,418 words) - 14:11, 24 May 2023
- Article 83 GDPR (category GDPR Articles) (section (6) Non-compliance with orders pursuant to Article 58(2) GDPR)listed in Article 83(4), (5) and (6) GDPR. This specifically refers to violations of Articles 8, 11, 25 to 39, 41(4), 42, 43 of the GDPR (paragraph 4), Articles55 KB (7,622 words) - 14:04, 7 November 2023
- Member State in relation to damage referred to in Article 62(4) GDPR. According to Article 62(7) GDPR, if the lead SA does not invite the SA to take part22 KB (1,915 words) - 13:46, 15 January 2024
- right to data protection. Article 51 GDPR is closely connected to Article 4(21) (definition of SA), Article 52 (independence), Article 53 (General conditions27 KB (2,604 words) - 14:24, 16 January 2024
- Article 13 GDPR (category GDPR Articles) (section Automated decision-making ... referred to in Article 22(1) and (4))reliance on Article 6(1)(f) GDPR or at least exercise the right to object under Article 21 GDPR. If the legal basis is Article 6(1)(f) GDPR (i.e. 'legitimate71 KB (9,532 words) - 13:30, 6 March 2024
- Article 30 GDPR (category GDPR Articles) (section (4) Provision of the ROPA to supervisory authority)requirements of data minimization (Article 5(1)(c) GDPR) and storage limitation (Article 5(1)(e) GDPR). Under Article 30(1)(f) GDPR, where possible, the controller31 KB (3,327 words) - 15:31, 5 June 2023
- leeway exists only in cases of Article 64(2) GDPR but not the context of Article 70(2) GDPR. According to Article 70(3) GDPR, the EDPB is obligated to “forward27 KB (3,038 words) - 12:19, 11 October 2023
- between Article 21(3) GDPR and Article 17 GDPR on the right to erasure must be considered. The tight relationship between Article 21(3) and Article 17(1)(c)49 KB (5,993 words) - 06:22, 16 June 2023
- Article 46 GDPR (category GDPR Articles) (section (b) Binding corporate rules in accordance with Article 47)access (Article 15 GDPR), rectification (Article 16 GDPR), deletion (Article 17 GDPR), restriction of processing (Article 18 GDPR), objection (Article 21 GDPR)34 KB (3,646 words) - 08:53, 27 March 2023
- meaning Recital 86 GDPR). However, Article 34 GDPR does not provide a specific deadline of 72 hours as is the case in Article 33 GDPR. Instead, timelines37 KB (3,962 words) - 15:20, 16 June 2023
- Article 39 GDPR (category GDPR Articles)from any of the GDPR’s protections. → You can find all related decisions in Category:Article 39 GDPR Just as Article 38 GDPR, Article 39 GDPR also shows similarities23 KB (2,165 words) - 15:10, 27 July 2023
- Article 72 GDPR (category Article 72 GDPR)dispute resolution under Article 65(3)(1) GDPR and for consistency decisions in the urgency procedure under Article 66(4) GDPR is necessary, as these are22 KB (2,266 words) - 08:26, 17 October 2023
- further discussed, in Article 4(1) GDPR. Any information that relates to an identified or identifiable natural person falls under the GDPR, this also includes34 KB (4,652 words) - 12:07, 12 November 2023
- of such processing (see Article 5(1)(b) GDPR), the requirement to have a legitimate basis laid down by law (see Article 6(1) GDPR), the right to access and48 KB (5,978 words) - 15:57, 1 February 2024
- Article 17 GDPR (category GDPR Articles) (section (i) Erasure following objection under Article 21(1))subject (Article 12(2) GDPR), respond and communicate the measures taken (Article 12(3) and (4) GDPR), the principle of freedom from costs (Article 12(5)61 KB (8,488 words) - 15:47, 18 March 2024
- Article 90 GDPR (category Article 90 GDPR)accordance with Article 58(1) GDPR. Article 90 GDPR was drafted with a view to regulate potential conflicts between the application of the GDPR on the one hand18 KB (1,599 words) - 12:26, 29 April 2022
- with Article 13, Article 14 GDPR gives expression to the principle of transparency enshrined in Article 5(1)(a) GDPR and further defined in Article 12 GDPR47 KB (5,644 words) - 17:49, 5 March 2024
- on Article 36(4), it is still disputed whether the outcome of the procedure rather resembles that of Article 58(3)(a) GDPR or Article 58(3)(b) GDPR. See31 KB (3,646 words) - 08:51, 21 July 2023
- Press 2020). Spiecker et al., GDPR Article-by-Article Commentary (2023), p 1090. Spiecker et al., GDPR Article-by-Article Commentary (2023), p 1090. CJEU22 KB (2,177 words) - 10:01, 19 March 2024
- complaint under Article 77(1) GDPR on behalf of the data subject and to represent the them before all supervisory authorities (“SA”) (Article 4(21) GDPR). Secondly26 KB (2,575 words) - 15:50, 9 November 2023
- Article 88 GDPR (category Article 88 GDPR)opening clause under Article 88(1) GDPR, any rules introduced must meet the criteria imposed by Article 88(2) GDPR. Lastly, Article 88(3) GDPR imposes an obligation32 KB (3,228 words) - 13:32, 30 November 2023
- Article 22 GDPR (category GDPR Articles) (section (4) Qualified prohibition of using special categories of data)and interpretation as in Article 22(3) GDPR. → You can find all related decisions in Category:Article 22 GDPR Article 20 of GDPR proposal, COM(2012) 11 final31 KB (4,768 words) - 06:24, 16 June 2023
- Article 18 GDPR (category GDPR Articles) (section (d) Objection to processing under Article 21(1) GDPR)and (3) GDPR), inform him or her about the measures taken (Article 12(3) and (4) GDPR), the right to receive this service free of charge (Article 12(5) GDPR)32 KB (3,730 words) - 08:43, 7 March 2024
- Article 91 GDPR (category Article 91 GDPR) (section Rules that are comprehensive and in line with the GDPR)Regulation (GDPR), Article 91 GDPR, p. 1263 (Oxford University Press 2020). Tosoni, in Kuner et al., The EU General Data Protection Regulation (GDPR), Article25 KB (2,482 words) - 10:04, 19 March 2024
- can carry out a notification in phases under Article 33(4) GDPR (see below). Under Article 33(3)(b) GDPR, the supervisory authority must be given the contact54 KB (6,536 words) - 08:22, 16 June 2023
- APD/GBA (Belgium) - 165/2023 (category Article 5(1)(f) GDPR)accordance with Article 1 (1) (f) and (2) of the GDPR, Article 24 (1) of the GDPR, Article 25, paragraph 1 of the GDPR and article 32 of the GDPR. Please also67 KB (9,908 words) - 11:09, 10 January 2024
- Article 89 GDPR (category Article 89 GDPR) (section (4) Derogations do not Extend to Other Purposes that Require the Same Processing)that purpose. Article 89(4) GDPR makes it clear that the derogations to the GDPR are only available for processing specified in Article 89 GDPR, and not for29 KB (3,695 words) - 13:44, 21 March 2024
- Article 6 GDPR (category GDPR Articles) (section Tension with Article 5 and 12 GDPR in case of routine reliance on Article 6(4) GDPR)possible "legitimate interest" under Article 6(1)(f) GDPR. Equally to Article 6(1)(c) GDPR, Article 6(2) and (3) GDPR require that Union or Member State108 KB (17,005 words) - 15:39, 18 March 2024
- Article 49 GDPR (category GDPR Articles)adequacy decision pursuant to Article 45 GDPR shall be used, when it exists; second, appropriate safeguards under Article 46 GDPR, such as binding corporate29 KB (3,500 words) - 08:54, 27 March 2023
- explicit wording of Article 81 GDPR does not limit its application to proceedings instigated either under Article 78 GDPR or Article 79 GDPR. Secondly, the27 KB (2,619 words) - 14:52, 16 November 2023
- Article 1 GDPR (category GDPR Articles)about the scope of the term 'personal data' under Article 4(1) GDPR. Non-EU citizens can rely on the GDPR as its application is generally independent of nationality28 KB (3,831 words) - 16:21, 14 March 2024
- Article 37 GDPR (category GDPR Articles) (section (4) Other circumstances in which to designate a data protection officer)categories of data under Article 9 GDPR or data relating to criminal convictions and offences under Article 10 GDPR. Article 37(2) GDPR allows for the designation43 KB (4,904 words) - 12:59, 21 July 2023
- freedoms of individuals", as stated in Article 35(1) and further elucidated in Article 35(3) and Article 35(4) GDPR. The WP29 developed a list of criteria52 KB (7,297 words) - 08:05, 18 July 2023
- Article 26 GDPR (category GDPR Articles)provisions such as Article 30(4) for the record of processing or Article 40(11) for the register of approved codes of conduct, Article 26 does not explicitly37 KB (3,915 words) - 12:49, 24 May 2023
- Article 85 GDPR (category Article 85 GDPR) (section Scope of the exceptions within the GDPR framework)into force of the GDPR. Spiecker et al., GDPR Article-by-Article Commentary (2023), p 1073. Spiecker et al., GDPR Article-by-Article Commentary (2023)33 KB (3,748 words) - 14:25, 7 November 2023
- Article 40 GDPR (category GDPR Articles) (section (3) Controllers and processors that are not subject to the GDPR)requirements. Although Article 40(5) GDPR mentions that the competent DPA will be determined through the application of Article 55 GDPR, the GDPR does not provide44 KB (5,008 words) - 14:50, 28 July 2023
- APD/GBA (Belgium) - 162/2022 (category Article 4(11) GDPR)and (2) GDPR; b. a breach of Article 12(1) and (6) GDPR, Article 13(1) and (2) GDPR and Article 14(1) and (2) GDPR, Article 5(2) GDPR, Article 24(1) GDPR71 KB (10,426 words) - 08:21, 23 November 2022
- in Category:Article 3 GDPR EDPB, ‘Guidelines 3/2018 on the territorial scope of the GDPR (Article 3)’, 12 November 2019 (Version 2.1), p. 4 (available here)37 KB (4,635 words) - 13:29, 24 October 2023
- mechanism referred to in Article 63 GDPR (Article 28(8) GDPR). The Commission has made use of its power under Article 28(7) GDPR and published standard contractual72 KB (9,140 words) - 13:12, 2 June 2023
- in Category:Article 45 GDPR Kuner, in Kuner, Bygrave, Docksey, The EU General Data Protection Regulation (GDPR): A Commentary, Article 45 GDPR, p. 774 (Oxford43 KB (5,641 words) - 14:58, 28 April 2022
- refusal to take action on a data subject’s request (Article 12(4)). The first sentence of Article 20(3) GDPR clarifies that the exercise of the right to data40 KB (5,349 words) - 07:05, 1 June 2023
- DSB (Austria) - 2021-0.586.257 (category Article 4(1) GDPR)website controller qualifies as controller (Article 4(7) GDPR) and Google LLC as processor (Article 4(8) GDPR) for data processing in connection with Google108 KB (17,097 words) - 13:52, 12 May 2023
- APD/GBA (Belgium) - 01/2021 (category Article 60 GDPR)Constitution. It therefore went on to say that, Article 57 of the Law, read in combination with Article 60 of the same Law, provide that procedures must19 KB (2,707 words) - 16:50, 12 December 2023
- VK Baden-Württemberg - 1 VK 23/22 (category Article 44 GDPR)within the meaning of Article 4 no. 2 of the GDPR and the term "transfer" within the meaning of Article 44 et seq. of the GDPR. GDPR had to be differentiated62 KB (10,113 words) - 12:48, 17 August 2022
- Spain the GDPR is developed by the Ley Orgánica 3/2018 de Protección de Datos Personales y garantía de los derechos digitales (LOPDGDD). Article 7.2 LOPDGDD15 KB (1,875 words) - 16:18, 13 July 2022
- HDPA (Greece) - 23/2020 (category Article 4(1) GDPR)principle of proportionality (Article 8(1) CFR, Article 9A Greek Constitution, Recital 64 GDPR), underlined that the GDPR totally respects all fundamental9 KB (1,089 words) - 15:35, 6 December 2023
- HDPA (Greece) - 57/2021 (category Article 13 GDPR)2016/679 and article 11toun.3471 / 2006, according to article 58par.2 of the GCP in in combination with article 83 par. 5 of the GCC, and with article 21 par45 KB (7,165 words) - 15:22, 22 February 2022
- HDPA (Greece) - 33/2020 (category Article 4(7) GDPR)access, according to Article 15(1)g GDPR. Thus, the HDPA held that the College as a data controller, according to Article 4(7) GDPR, fulfilled the right20 KB (2,270 words) - 15:37, 6 December 2023
- DSB (Austria) - Austrian Postal Service (category Article 6(1)(f) GDPR)"special categories of data" under Article 9 GDPR. What is the relationship between national laws (like § 151 GewO) and GDPR? Is a prediction of a political8 KB (611 words) - 16:12, 6 December 2023
- HG Wien - 57 Cg 32/20m (category Article 4(2) GDPR) (section Clause 2: Violation of the Transparency Principle under Article 5(1)(a) GDPR)based on a legitimate interest under Article 6(1)(f) GDPR, so that the principle of lawfulness under Article 5(1)(a) GDPR is violated. This is due to the fact24 KB (3,579 words) - 12:05, 7 July 2021
- identification data of the parties be published directly. 3Ibid. Decision 57/2022 - 4/4 12. In accordance with its dismissal policy, the Disputes Chamber will12 KB (1,431 words) - 16:45, 12 December 2023
- AEPD (Spain) - EXP202100300 (category Article 16 GDPR)included within the framework of data protection. Therefore, Article 16 GDPR cannot be applied. Article 16 refers to inaccurate personal data, not to the rectification16 KB (2,362 words) - 13:37, 13 December 2023
- Norges Høyesterett - 2021-2403-A (category Article 4(11) GDPR)other two conditions of Article 6 (1) (f) of the GDPR are not met. (26) The second condition of Article 6 (1) (f) of the GDPR is that the processing of46 KB (7,024 words) - 06:18, 6 March 2022
- DSB (Austria) - 2020-0.605.768 (category Article 57(1)(p) GDPR)context of Articles 40 and 41 GDPR, in particular from Article 40 Paragraph 4 in conjunction with Article 41 Paragraph 2 lit. c) GDPR, namely further that a monitoring19 KB (2,799 words) - 13:52, 12 May 2023
- BAC (Bulgaria) - 2606/2021 (category Article 4(12) GDPR)CPDP issued NRA an order under Article 58(2)(d) supra Article 57(1)(a) and Article 83(2)(a), (c), (d), (f) and (g) of the GDPR for undertaking suitable technical13 KB (1,761 words) - 09:58, 14 December 2023
- Datatilsynet (Norway)- 20/02254 (category Article 57(1)(a) GDPR)Privacy Ordinance Article 4 No. 1. The Data Inspectorate is competent to monitor compliance with the Privacy Ordinance in line with Articles 57 and 58 of the24 KB (3,498 words) - 16:14, 6 December 2023
- APD/GBA (Belgium) - 21/2022 (category Article 5(1)(f) GDPR) (section Accountability (Article 24 GDPR), data protection by design and by default (Article 25 GDPR), integrity and confidentiality (Article 5(1)(f) GDPR), as well as security of processing (Article 32 GDPR))default (Art. 25 GDPR), integrity and confidentiality (Art. 5.1.f GDPR), as well as security ofprocessing(Art. 32GDPR)......101 B.4.4. - Additional alleged429 KB (58,279 words) - 09:12, 2 November 2022
- Datatilsynet (Norway) - 20/01865 (category Article 4(1) GDPR)under Article 4(1) GDPR. These statistics even included health data which qualify as a special category of personal data under Article 9(1) GDPR. The Datatilsynet19 KB (2,942 words) - 09:03, 14 September 2023
- EFTA Court - Joined Cases E-11/19 and E-12/19 (category Article 57(3) GDPR)in relation to proceedings under Article 78(1) of the GDPR. The Court notes that Article 58(4) and Article 78 of the GDPR give expression to the right to59 KB (8,242 words) - 10:47, 17 March 2021
- AEPD (Spain) - TD/00183/2021 (category Article 15 GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European20 KB (3,087 words) - 13:30, 13 December 2023
- ICO (UK) - Chief Constable West Midlands Police (category Article 57(1) GDPR)38(1)(3), 40 and 57(1)(2) of UK GDPR. ICO also recommended that WMP should take certain steps to ensure its compliance with the UK GDPR. Share your comments18 KB (2,470 words) - 08:01, 10 May 2024
- LG Feldkirch - 57 Cg 30/19b - 15 (category Article 9(1) GDPR)the GDPR, as the data falls under Article 9 GDPR and awarded € 800 in emotional damages. The Austrian Business Code cannot override Article 9 GDPR. There69 KB (11,077 words) - 16:48, 7 March 2022
- HDPA (Greece) - 2/2023 (category Article 4(7) GDPR)protected by article 5 par. 1 item a) GDPR, in conjunction with Article 13 GDPR and b) directs a reprimand, according to article 58 par. 2 b) GDPR, to the complained31 KB (5,021 words) - 16:15, 18 July 2023
- Supreme Court - C.20.0323.N (category Article 4(11) GDPR)Articles 2.1, 4 2), 5.1 c) and 57.1 a), f) and h) GDPR, to the extent necessary read in conjunction with Article 288(2) TFEU and Articles 4 § 1, 63, 72 and43 KB (6,749 words) - 07:07, 28 October 2021
- DSB (Austria) - 2020-0.349.984 (category Article 4(2) GDPR)Paragraph 4 DSG) rely on an authorization norm within the meaning of Article 6 Paragraph 1 lit. c GDPR. This also results from Art. 5 Para. 1 lit. a GDPR, according28 KB (4,228 words) - 14:00, 12 May 2023
- Personvernnemnda (Norway) - 2023-14 (21/01067) (category Article 57(1)(f) GDPR)subject's right to lodge a complaint as per Article 77 GDPR, in conjunction with Recital 141, and Article 57(1)(f) GDPR. The Board referenced an earlier decision16 KB (2,363 words) - 19:27, 13 November 2023
- DSB (Austria) - 2020-0.816.655 (category Article 4(16)(a) GDPR)pursuant to Article 14 - and not the right to information pursuant to Article 15 of the GDPR as alleged by the respondent - was alleged. However, Article 14 (1)28 KB (4,230 words) - 13:53, 12 May 2023
- AEPD (Spain) - TD/00325/2019 (category Article 57(1)(f) GDPR)take a decision in accordance with the provisions of Article 56(2) in conjunction with Article 57(1)(f) both of Regulation (EU) 2016/679 of the European17 KB (2,691 words) - 14:52, 13 December 2023
- AZOP (Croatia) - Decision 04-07-2022 (category Article 57(1) GDPR)space. The DPA found a violation of Article 6(1) GDPR and ordered the controller, pursuant to Article 58(2)(d) GDPR, to adjust the location of the cameras14 KB (2,038 words) - 15:20, 30 October 2023
- AEPD (Spain) - PS/00139/2020 (category Article 57(1) GDPR)violation of Article 5(1)(d) of the GPRS, in relation to Article 4(1) of the LOPDGDD, which governs the principle of accuracy of personal data. IV Article 72.120 KB (3,086 words) - 14:04, 13 December 2023
- Court of Appeal of Brussels - 2020/AR/329 (category Article 57(1)(f) GDPR)he assessment: violation of Article 57.4 AVG (third plea in law from X). X submits that the decision violates Article 57.4 of the AVG where this provision48 KB (7,560 words) - 09:03, 20 August 2021
- defendant within the meaning of Article 4 of the GDPR. The defendant is therefore a controller within the meaning of Art. 4 No. 7 GDPR. b. 44 The Senate is convinced51 KB (8,215 words) - 09:55, 13 May 2022
- AEPD (Spain) - PS/00117/2022 (category Article 4(11) GDPR)in the article 57.1 and the powers granted in article 58.1 of the Regulation (EU) C/ Jorge Juan, 6 www.aepd.es 28001 – Madrid sedeagpd.gob.es 4/11 2016/67930 KB (4,623 words) - 12:58, 13 December 2023
- UODO (Poland) - DKN.5112.13.2020 (category Article 57(1)(h) GDPR)in line with the principle of lawfulness in Article 5(1)(a) GDPR, as none of the conditions of Article 6 GDPR were satisfied. The data disclosed in the land60 KB (9,755 words) - 09:58, 17 November 2023
- Court of Appeal of Brussels - 2022/AR/1085 (category Article 57(1)(f) GDPR)the grounds of (i) the absence of a high risk within the meaning of Article 35.5 GDPR and (ii) the fact that the present complaint is only a side dispute30 KB (4,204 words) - 09:54, 14 December 2023
- UODO (Poland) - DKE.561.11.2020 (category Article 34(4) GDPR)and Article 57(1)(a), Article 83(1)-(2) and Article 83(6) in connection with Article 58(2)(e) and (i) of the Regulation of the European Parliament and46 KB (7,322 words) - 09:51, 17 November 2023
- AEPD (Spain) - PS/00209/2019 (category Article 57(1) GDPR)powers of investigation conferred on the supervisory authorities in Article 57 (1) of the GDPR.Thus, on 31/10/18, an information injunction was sent to the entity26 KB (4,212 words) - 14:10, 13 December 2023
- AEPD (Spain) - PS/00090/2020 (category Article 57(1) GDPR)gob.es 4/9 This infraction is typified in Article 83.5.e) of the RGPD, which considers such as: 'failure to provide access in breach of Article 58(1)'16 KB (2,462 words) - 13:58, 13 December 2023
- DSB (Austria) - D130.206/0006-DSB/2019 (category Article 4(7) GDPR)in line with Article 13 GDPR. On the DSB's request, the controller declared R*** Hotels GmbH as its representative under Article 27 GDPR and sent a reply40 KB (6,007 words) - 13:59, 12 May 2023
- CJEU - C-311/18 - Schrems II (category Article 2(2) GDPR)under Article 57(1)(f) of the GDPR, each supervisory authority is required on its territory to handle complaints which, in accordance with Article 77(1)12 KB (1,780 words) - 17:22, 10 March 2022
- Garante per la protezione dei dati personali (Italy) - 9446730 (category Article 57 GDPR)computer was accessed (16.5.2018) (note 1.3.2019, p. 4-5). 1.4. On 17 May 2019, pursuant to Article 166, paragraph 5, of the Code, the Office notified the34 KB (5,420 words) - 15:51, 6 December 2023
- Commissioner (Cyprus) - 17.05.23 (category Article 5(1)(c) GDPR)subjects, while according to the Article 57(1)(a) it monitors and enforces the application of the Regulation. 3.1.1 Article 57 of the General Principles of31 KB (4,973 words) - 16:50, 6 December 2023
- UODO (Poland) - DKN.5131.5.2020 (category Article 57(1)(a) GDPR)subjects, according to Article 33(1) GDPR and Article 34(1) GDPR? The PUODO held that the insurance company infringed the GDPR provisions, failing to notify47 KB (7,608 words) - 10:00, 17 November 2023
- AEPD (Spain) - PS/00024/2019 (category Article 57(1) GDPR)the principle of confidentiality, namely Article 5(1)(f) GDPR, and thus, it did not comply with Article 5(2) GDPR referred as the principle of "proactive53 KB (8,593 words) - 13:47, 13 December 2023
- Personvernnemnda (Norway) - PVN-2023-08 (category Article 77 GDPR)obligation for the DPA to process the case pursuant to Article 77. It follows from Article 57(1)(a) GDPR that the Data Protection Authority shall, "supervise16 KB (2,367 words) - 10:06, 17 November 2023
- powers they receive under Articles 57 and 58 of the GDPR. So must for example, pursuant to Article 57.2 of the GDPR, any supervisory authority can submit35 KB (5,303 words) - 17:01, 12 December 2023
- APD/GBA (Belgium) - 81/2020 (category Article 5(1)(c) GDPR)they are processed (article 5.1 e) of the GDPR). 8.1.4. As for breaches of Articles 5.2. and 24 of the GDPR 88. Article 24.1 of the GDPR which covers Chapter127 KB (21,484 words) - 17:01, 12 December 2023
- UODO (Poland) - DKN.5130.2815.2020 (category Article 57(1)(a) GDPR)and Article 58(2)(b) in connection with Article 5(1)(f), Article 24(1), Article 25(1), Article 32(1) and (2) of 2 of Regulation EU 2016/679 of the European37 KB (5,819 words) - 09:58, 17 November 2023
- Recitals GDPR (section Recitals from the GDPR)monitor the functioning of decisions adopted on the basis of Article 25(6) or Article 26(4) of Directive 95/46/EC. In its adequacy decisions, the Commission182 KB (24,065 words) - 13:40, 9 July 2021
- OVG Sachsen-Anhalt - 1 M 49/23 (category Article 53(1) GDPR)this regulation in accordance with Article 57 (1) (a) GDPR and which has the powers in accordance with Article 58 GDPR. For this reason alone, there was14 KB (1,999 words) - 14:20, 18 July 2023
- [The equivalent GDPR Article to Article 48(3)(a) EU GDPR is Article 46(3)(a) GDPR, and Article 50(1)(d) EU GDPR is Article 49(1)(d) GDPR.] Share blogs or73 KB (9,347 words) - 13:28, 26 July 2023
- Garante per la protezione dei dati personali (Italy) - 9445567 (category Article 5(1)(a) GDPR)that: to. "As of February 4, 2019 the supermarket managed by the company TB srl located in Milan in via Piero della Francesca n. 57, year in which the complainant16 KB (2,471 words) - 15:51, 6 December 2023
- AEPD (Spain) - EXP202103878 (category Article 6(1) GDPR)to Articles 57(1) and 58(2) GDPR for the processing of personal data without the consent of the data subject, as foreseen in Article 6 GDPR. Firstly, the20 KB (3,035 words) - 10:33, 13 December 2023
- AEPD (Spain) - PS/00148/2019 (category Article 6 GDPR)violation of Article 7.3 of Organic Law 15/1999, of December 13, of Protection of Personal Data (hereinafter LOPD), typified in the Article 44.4.b) of the48 KB (7,550 words) - 14:05, 13 December 2023
- Datatilsynet (Norway) - 21/03530 (category Article 6(1)(b) GDPR)it should have under Article 60 GDPR - Article 61(8) GDPR applied, which meant that the urgent need to act under Article 66(1) GDPR was presumed to be met99 KB (14,431 words) - 16:20, 6 December 2023
- DSB (Austria) - 2022-0.296.352 (category Article 45(3) GDPR)anyway. In any case, suitable guarantees were required by Article 46(1) GDPR. Per Article 46(3)(b) GDPR, those guarantees could be provided for by provisions10 KB (1,335 words) - 13:39, 12 May 2023
- APD/GBA (Belgium) - 75/2023 (category Article 6(1)(f) GDPR)paying profiles. II.4. Article 12(1),(2) and (3), Article 17, Article 19, Article 24(1) and Article 25(1) AVG 63. Article 12 (1) GDPR stipulates that the77 KB (11,604 words) - 08:55, 29 June 2023
- AEPD (Spain) - EXP202203923 (category Article 12 GDPR)with the provisions of section 2 of article 56 in relation to section 1 f) of article 57, both of the GDPR; and in article 47 of the LOPDGDD. SECOND: In accordance14 KB (2,139 words) - 10:50, 13 December 2023
- DSB (Austria) - 2020-0.083.190 (category Article 82(6) GDPR)32 para 1, 56 para 2, 57 para 1 of the Administrative Criminal Act 1991 - VStG, Federal Law Gazette No 52/1991 as amended; Article 82 para 6 of Regulation8 KB (961 words) - 13:48, 12 May 2023
- Commissioner (Cyprus) - 11.17.001.010.045 (category Article 5(1)(c) GDPR)that the article’s publication was in violation of Article 5(1)(c) GDPR, Article 6(1)(f) GDPR, when read in line with Article 85 GDPR. Article 5(1)(c) outlines74 KB (12,375 words) - 10:07, 4 October 2023
- CNIL (France) - SAN-2019-005 (category Article 5(1)(e) GDPR)violates Article 32 GDPR. Retaining personal data of an applicant for a lease after another applicant has been selected also violates Article 5(1)(e) GDPR41 KB (6,558 words) - 17:09, 6 December 2023
- AEPD (Spain) - EXP202202928 (category Article 12 GDPR)with the provisions of section 2 of article 56 in relation to section 1 f) of article 57, both of the GDPR; and in article 47 of the LOPDGDD. SECOND: In accordance14 KB (2,003 words) - 12:37, 13 December 2023
- UODO (Poland) - DKE.561.3.2020 (category Article 31 GDPR)protected (Article 32, Article 24 (1) and (2) of Regulation 2016/679). Has the Chief Surveyor of the country appointed a data protection officer (Article 37 of51 KB (8,322 words) - 09:51, 17 November 2023
- AEPD (Spain) - EXP202301529 (category Article 17 GDPR)provisions of article 55 of the GDPR, the Spanish Agency for Data Protection is competent to perform the functions assigned to it in its article 57, among them20 KB (3,078 words) - 13:05, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9778094 (category Article 5(1)(a) GDPR)the processing of personal data of the data subject (Article 5(1)(a) GDPR; Article 6 and Article 8 of the Italian Legislative Decree No. 101 of August66 KB (10,708 words) - 11:29, 16 August 2022
- GDPRhub is a wiki with GDPR-related decisions and knowledge, enabling anyone to find and share GDPR insights across Europe! GDPRhub collects and summarises6 KB (277 words) - 12:46, 10 April 2024
- Helsingin hallinto-oikeus (Finland) - H5259/2022 (category Article 6 GDPR)the social and health authority of a city to had breached Article 6 GDPR and Article 10 GDPR by requesting data subjects to provide it with personal data43 KB (6,678 words) - 08:41, 4 March 2024
- APD/GBA (Belgium) - 63/2020 (category Article 12(4) GDPR)en hij deze zaak niet wenst verder te zetten. 2. Rechtsgrond Artikel 12.4 AVG 4. Wanneer de verwerkingsverantwoordelijke geen gevolg geeft aan het verzoek20 KB (2,982 words) - 17:00, 12 December 2023
- AEPD (Spain) - TD/00133/2020 (category Article 12 GDPR)has been received. Does the GDPR allow the data controller to ignore a request for erasure? The AEPD found that Article 12 GDPR does not allow the data controller18 KB (2,721 words) - 14:51, 13 December 2023
- APD/GBA (Belgium) - 37/2020 (category Article 17 GDPR)provided for in Article 56(1), read in conjunction with Article 56(2), read in conjunction with Article 56(3), read in conjunction with Article 56(4), read in131 KB (22,429 words) - 16:57, 12 December 2023
- AEPD (Spain) - TD/00185/2019 (category Article 17 GDPR)competent to decide, in accordance with the provisions of Article 56(2) in relation to Article 57(1)(f), both of Regulation (EU) 2016/679 of the European17 KB (2,620 words) - 14:51, 13 December 2023
- APD/GBA (Belgium) - 17/2020 (category Article 12(3) GDPR)way of a finding under article 15 of the GDR instead of the provisions of article 15 of the GDR. 36, § 4 and § 5 as well as Article 38, § 1 of the Law of52 KB (8,603 words) - 16:55, 12 December 2023
- AEPD (Spain) - TD/00071/2020 (category Article 17 GDPR)6www.aepd.es28001 - Madridsedeagpd.gob.es Page 4 4/7with Article 6, paragraph 1, letter a), or Article 9, paragraph 2, letter a), and this is notbased19 KB (2,948 words) - 14:50, 13 December 2023
- CNIL (France) - SAN-2020-014 (category Article 9 GDPR)obligation of Article 32 GDPR? - Does the fact that this health data is not encrypted constitute a breach of the security obligation under Article 32 GDPR? - Does26 KB (4,050 words) - 17:10, 6 December 2023
- AEPD (Spain) - EXP202202889 (category Article 12 GDPR)with the provisions of section 2 of article 56 in relation to section 1 f) of article 57, both of the GDPR; and in article 47 of the LOPDGDD. SECOND: In accordance20 KB (3,077 words) - 10:46, 13 December 2023
- AEPD (Spain) - TD/00251/2021 (category Article 15 GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European20 KB (3,142 words) - 13:31, 13 December 2023
- CJEU - C-77/21 - Digi (category Article 6(4) GDPR)regarding Articles 5(1)(b) GDPR and 5(1)(e) GDPR and held that national courts had to determine, using the factors of Article 6(4) GDPR, whether further processing49 KB (7,800 words) - 09:22, 5 January 2024
- AEPD (Spain) - PS/00341/2019 (category Article 21 GDPR)control authorities in article 57.1 of Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter referred to as the GDPR), and in accordance26 KB (4,032 words) - 14:31, 13 December 2023
- AEPD (Spain) - EXP202201987 (category Article 15 GDPR)under Article 15 GDPR, in a timely manner as well as in clear and transparent form. Second, the DPA looked at the right to erasure under Article 17 GDPR21 KB (3,290 words) - 10:50, 13 December 2023
- AEPD (Spain) - EXP202202000 (category Article 17 GDPR)accordance with the provisions of paragraph 2 of Article 56 in relation to paragraph 1 f) of Article 57, both of Regulation (EU) 2016/679 of the European20 KB (3,107 words) - 10:49, 13 December 2023
- APD/GBA (Belgium) - 48/2021 (category Article 5(1)(a) GDPR)(listed in Article 57 of the GDPR) including that of dealing with complaints (article 57.1.f) of the GDPR) as well as a number of powers (article 58 of the43 KB (6,670 words) - 16:58, 12 December 2023
- AEPD (Spain) - TD/00013/2021 (category Article 12(6) GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European19 KB (3,027 words) - 14:48, 13 December 2023
- Helsingin hallinto-oikeus (Finland) - H6072/2021 (category Article 6(1)(f) GDPR)can find Yle's news article with the title . Behind the URL search result link 4, on the other hand, you can find Alibi's news article with the title . Such61 KB (9,876 words) - 21:38, 24 March 2024
- AEPD (Spain) - TD/00263/2020 (category Article 13 GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European22 KB (3,544 words) - 14:48, 13 December 2023
- Hoge Raad - ECLI:NL:PHR:2023:935 (category Article 5(1)(c) GDPR)Hague October 4, 2022, ECLI:NL:GHDHA:2022:2100, para. 3.1-3.13. 4 Conclusion 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 Exhibit 4 to the introductory103 KB (17,620 words) - 10:13, 29 November 2023
- AEPD (Spain) - EXP202101314 (category Article 15 GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European18 KB (2,693 words) - 13:31, 13 December 2023
- provisions of article 55 of the GDPR, the Spanish Agency for Data Protection is competent to carry out the functions assigned to it in article 57, including18 KB (2,786 words) - 12:38, 13 December 2023
- APD/GBA (Belgium) - 136/2023 (category Article 5(1)(f) GDPR)violating Article 5(1)(f) GDPR, Article 5(1)(a) GDPR, Article 5(2) GDPR, Article 12 GDPR, Article 13 GDPR, Article 14 GDPR, Article 24(1) GDPR, and Article58 KB (9,184 words) - 16:49, 12 December 2023
- Garante per la protezione dei dati personali (Italy) - 9509558 (category Article 5(1)(a) GDPR)Regulation (Article 85) and the Code (Articles 136 et seq.); h) the adoption of suitable measures to eliminate the consequences of the violation (Article 83, paragraph24 KB (3,667 words) - 15:53, 6 December 2023
- AEPD (Spain) - EXP202102430 (category Article 83(4) GDPR)the claimed party, for the alleged violation of Article 32 of the RGPD, typified in Article 83.4 of the GDPR. Once the initiation agreement was notified,33 KB (4,835 words) - 13:26, 13 December 2023
- AEPD (Spain) - EXP202202183 (category Article 6(1) GDPR)provided for in Article 15 GDPR and Article 13 LOPDGDD was exercised. Secondly, the DPA noted that a valid legal basis under Article 6(1) GDPR is required22 KB (3,432 words) - 12:37, 13 December 2023
- HDPA (Greece) - 31/2023 (category Article 5(1)(c) GDPR)with the principles of article 5 par. 1 GDPR. It is no coincidence that the GDPR includes accountability (see Article 5 para. 2 GDPR) in the regulation of61 KB (10,257 words) - 10:15, 1 November 2023
- HDPA (Greece) - 20/2020 (category Article 4(15) GDPR)explanatory statement of the law, Article 10 defines the Authority’s competence in compliance with Article 55 GDPR.Article 55 GDPR provides for a restriction29 KB (4,578 words) - 15:35, 6 December 2023
- AEPD (Spain) - EXP202203606 (category Article 17(1)(a) GDPR)accordance with the provisions of section 2 of article 56 in in relation to section 1 f) of article 57, both of Regulation (EU) 2016/679 of the European22 KB (3,264 words) - 13:29, 13 December 2023
- CNPD (Portugal) - Deliberação 2022/1072 (category Article 83(4)(a) GDPR)paragraph 3, all of article 35, and paragraph a) of paragraph 4 of article 83, all GDPR, with a fine of up to €20,000,000 or up to 4% of annual turnover163 KB (27,222 words) - 16:54, 6 December 2023
- AEPD (Spain) - EXP202202937 (category Article 12 GDPR)accordance with the provisions of section 2 of article 56 in in relation to section 1 f) of article 57, both of Regulation (EU) 2016/679 of the European26 KB (3,997 words) - 18:59, 26 February 2024
- AEPD (Spain) - TD/00044/2021 (category Article 17 GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European22 KB (3,465 words) - 13:30, 13 December 2023
- CNIL (France) - SAN-2020-012 (category Article 4(7) GDPR)the fine, the criteria specified in the same article 83. 111. Article 83 of the GDPR, as referred to in Article 20, paragraph III, of the Data Protection93 KB (14,936 words) - 17:09, 6 December 2023
- AEPD (Spain) - PS/00451/2019 (category Article 6(1)(f) GDPR)regard to article 83.2 (k) of the RGPD, the LOPDGDD, article 76, "Sanctions and corrective measures", provides: "2. In accordance with Article 83(2)(k)26 KB (4,231 words) - 14:44, 13 December 2023
- EDPB - Binding Decision 3/2022 - 'Meta (Facebook)' (category Article 4 GDPR)administrative fine for the infringement of Article 6(1) or Article 6(1)(b) GDPR meet the requirements of Article 4(24) GDPR. 504. The EDPB decides that the relevant53 KB (8,413 words) - 14:10, 30 January 2023
- CPDP (Bulgaria) - PNN-01-433/2019 (category Article 6(1)(a) GDPR)for processing personal data without a legal ground as required by Article 6(1) GDPR, after hiring a handwriting expert to determine that an alleged signature18 KB (2,987 words) - 16:49, 6 December 2023
- AEPD (Spain) - EXP202203996 (category Article 15 GDPR)accordance with the provisions of section 2 of article 56 in in relation to section 1 f) of article 57, both of Regulation (EU) 2016/679 of the European26 KB (4,017 words) - 12:37, 13 December 2023
- AEPD (Spain) - PS/00405/2019 (category Article 6(1) GDPR)significant (Article 83(2)(b) GDPR). - basic personal identifiers were affected (name, identification number, the line identifier) (Article 83(2)(g) GDPR). The24 KB (3,887 words) - 14:34, 13 December 2023
- DSB (Austria) - 2020-0.743.659 (category Article 4(15) GDPR)requirements of Article 9 GDPR. In the DSB held that the processing violated Articles 5, 6 and 9 GDPR: Consent under Articles 6(1)(a), 7 and 9(2)(a) GDPR cannot50 KB (8,015 words) - 13:52, 12 May 2023
- Datatilsynet (Norway) - 21/00480 (category Article 5(1)(f) GDPR)fined a municipality €409,768 (NOK 4,000,000) for breaches of Article 5(1)(f) GDPR, Article 24 GDPR and Article 32 GDPR after a serious ransomware attack31 KB (4,380 words) - 06:12, 14 March 2023
- LG Magdeburg - 9 O 1571/20 (category Article 6(1) GDPR)that under Article 82 (1) and (2) GDPR, any person who has suffered material or non-material damage as a result of a violation of the GDPR is entitled27 KB (4,216 words) - 13:26, 8 January 2024
- AEPD (Spain) - EXP202100764 (category Article 83(4) GDPR)ends and means of such activity, by virtue of article 4.7 of the GDPR. Article 4 section 12 of the GDPR broadly defines “violations of security of personal34 KB (5,184 words) - 13:22, 13 December 2023
- AEPD (Spain) - EXP202205932 (category Article 6(1) GDPR)basis under Article 6(1) GDPR. In light of this, the DPA issued a fine of €70,000 to másLUZ Energía (SIE) by virtue of Article 83(5) GDPR for unlawful32 KB (4,952 words) - 13:11, 13 December 2023
- HDPA (Greece) - 6/2020 (category Article 5 GDPR)compliance with the principles of Article 5 (1) GDPR. 4. As, in accordance with the provisions of Article 4 (c) (d).1 GDPR is personal data “any information29 KB (4,557 words) - 15:33, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9445550 (category Article 15 GDPR)amount of the fine under Article 83(2) GDPR. The data subjects complains about the violation of its right of access (Article 15 GDPR) by the Istituto Nazionale22 KB (3,478 words) - 15:51, 6 December 2023
- AEPD (Spain) - EXP202205791 (category Article 17 GDPR)with the provisions of section 2 of article 56 in relation to section 1 f) of article 57, both of the RGPD; and in article 47 of the LOPDGDD. C/ Jorge Juan29 KB (4,648 words) - 12:38, 13 December 2023
- AEPD (Spain) - TD/00005/2020 (category Article 17 GDPR)the Spanish Agency of Data Protection, as laid down in Article 56(2) inin relation to Article 57(1)(f), both of Regulation (EU) 2016/679 of European Parliament23 KB (3,780 words) - 14:49, 13 December 2023
- EDPB - Binding Decision 1/2021 - 'WhatsApp' (category Article 4(24) GDPR) (section Additional infringement of Article 13(2)(e) GDPR)infringements of Article 12, 13 and 14 of the GDPR only. A limited assessment which, according to Hungarian and Italian DPAs, was faulty. Article 13(2)(e) GDPR provides29 KB (4,384 words) - 16:00, 6 December 2023
- Court of Appeal of Brussels - 2019/AR/1600 (category Article 5(1)(c) GDPR)violation of Article 6(1) GDPR; 2. Did not provide the complainant with enough information prior to the processing, in violation of Article 13 GDPR; 3. Processed60 KB (9,144 words) - 16:17, 22 March 2022
- UODO (Poland) - DKE.561.13.2020 (category Article 31 GDPR)Protection, pursuant to Article 83(3) and Article 83(4)(a) and Article 83(5)(e) of Regulation 2016/679, in conjunction with Article 103 of the Personal Data27 KB (4,446 words) - 09:51, 17 November 2023
- AEPD (Spain) - PS/00141/2020 (category Article 6(1)(a) GDPR)Judiciales (JAVA). JAVA infringed Article 6(1)(a) GDPR by publishing illegal recordings on its website and also infringed Article 22(2) LSSI due to its cookie26 KB (4,150 words) - 14:05, 13 December 2023
- UODO (Poland) - DKE.561.17.2020 (category Article 31 GDPR)entrepreneur. The DPA found that the controller violated Article 31 GDPR and Article 58(1)(e) GDPR and issued a warning to the entrepreneur. The entrepreneur22 KB (3,364 words) - 09:52, 17 November 2023
- UODO (Poland) - ZSPR.421.19.2019 (category Article 4(1) GDPR)connection with Article 31, Article 58(1)(e) and (f) in connection with Article 83(1-3) and Article 83(5)(e) of Regulation 2016/679 of the European Parliament29 KB (4,698 words) - 10:02, 17 November 2023
- CNIL (France) - SAN-2022-025 (category Article 4(11) GDPR)none of the exceptions in Article 82 of the Data Protection Act were applicable, and Apple had to obtain consent (Article 4(11) GDPR) before using the identifiers82 KB (13,463 words) - 17:03, 6 December 2023
- UODO (Poland) - DKE.561.16.2020 (category Article 31 GDPR)Protection, pursuant to Article 83(3) and Article 83(4)(a) and Article 83(5)(e) of Regulation 2016/679, in conjunction with Article 103 of the Personal Data28 KB (4,490 words) - 09:51, 17 November 2023
- Datatilsynet (Norway) - 20/01949 (category Article 5 GDPR)transparency, cf. Article 5(1)(a), and accuracy, cf. Article (5)(1)(d), they hadn't recorded the processing activity as required in Article 30, hadn't conducted49 KB (7,572 words) - 16:14, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9445180 (category Article 5(1)(a) GDPR)pursuant to articles 57, paragraph 1, letter f) and 83 of the Regulations, as well as article 166 of the Code, for violation of articles 57, paragraph 1, letter34 KB (5,414 words) - 15:50, 6 December 2023
- AZOP (Croatia) - Decision 16-11-2021 (category Article 4(1) GDPR)wearing a protective mask did not consitute personal data according to Article 4(1) GDPR because it was impossible for the average person to identify the individual12 KB (1,882 words) - 15:24, 30 October 2023
- UODO (Poland) - DKE.561.2.2020 (category Article 58(1)(e) GDPR)connection with Article 31, Article 58(1)(e) in connection with Article 83(1-3) and Article 83(5)(e) of Regulation 2016/679 of the European Parliament and of27 KB (4,390 words) - 09:50, 17 November 2023
- APD/GBA (Belgium) - 19/2021 (category Article 12 GDPR)right to object under Article 21(2) GDPR in conjunction with Article 12(1) GDPR, Article 12(2) GDPR, Article 13 GDPR and Article 14 GDPR. Telenet asked for10 KB (1,290 words) - 16:55, 12 December 2023
- NAIH (Hungary) - NAIH-1091-10/2022 (NAIH-6936/2021) (category Article 12(4) GDPR)the GDPR, 16 - Article 5 (2) of the GDPR, - Article 7 (1) of the GDPR, - Paragraphs (1) – (4) of Article 12 of the GDPR and - Article 15 (1) and Article69 KB (11,255 words) - 10:08, 17 November 2023
- APD/GBA (Belgium) - 54/2021 (category Article 4 GDPR) (section The notion of processing of personal data within the meaning of Article 4 GDPR)processing of personal data within the meaning of Article 4 GDPR and is it justified on the basis of Article 6 GDPR? Can the controller raise the argument that73 KB (11,238 words) - 16:59, 12 December 2023
- AEPD (Spain) - PS/00101/2020 (category Article 6 GDPR)GLOBAL, SL, with NIF B55053482, for aviolation of Article 21.1 of the LSSI, typified in Article 38.4.d) of the LSSI, awarning penalty.SECOND: REQUIRE CATMEDIA13 KB (1,871 words) - 13:59, 13 December 2023
- AZOP (Croatia) - Decision 17-05-2022 (redirect from AZOP (Croatia) - Usž-27/22-4) (category Article 6 GDPR)consent, in line with Article 6(1)(a) GDPR. The Court recalled that Article 31 of the Croatian Law on the Implementation of the GDPR stipulates that the15 KB (2,261 words) - 15:55, 30 October 2023
- APD/GBA (Belgium) - 42/2022 (category Article 6(1)(f) GDPR)Chamber. Decision 42/2022 - 4/5 therefore to be regarded as manifestly unfounded within the meaning of Article 57.4 of the GDPR. 12. Finally, and in a subordinate13 KB (1,908 words) - 08:54, 29 June 2023
- AEPD (Spain) - E/09353/2019 (category Article 5(1)(f) GDPR)provisions of Article 55 of the RGPD, the Spanish Data Protection Agency is competent to carry out the functions assigned to it in Article 57 thereof, including8 KB (1,152 words) - 13:42, 13 December 2023
- Datatilsynet (Norway) - 20/02291 (category Article 5(1)(f) GDPR)patient data cf. Article 32 GDPR and Article 5(1)(f) GDPR and inadequate internal controls cf. Article 24 GDPR and Article 5(2) GDPR. Østfold Hospital45 KB (6,645 words) - 14:40, 28 March 2022
- FG München - Auskunftsanspruch nach Art. 15 DSGVO (category Article 15(3) GDPR)"lifting". (4.2) Exclusions (4.2.1) GDPR and AO restrictions 145 According to Art. 15 Para. 1 GDPR, the person concerned (Art. 4 No. 1 GDPR) has a right97 KB (16,519 words) - 09:57, 22 February 2023
- APD/GBA (Belgium) - 38/2021 (category Article 5 GDPR)consent of the 10 complainant (article 6.1 a) of the GDPR combined with article 7 of the GDPR), (2) article 6.1 c) of the GDPR in that the publication results73 KB (11,604 words) - 16:57, 12 December 2023
- AEPD (Spain) - PS/00005/2020 (category Article 5(1)(c) GDPR)possible non-compliance with the data minimisation principle, as per Article 5(1)(c) GDPR. The decision is the consequence of a complaint submitted by a Spanish13 KB (1,795 words) - 13:47, 13 December 2023
- AEPD (Spain) - PS/00291/2020 (category Article 5(1)(f) GDPR)- Madrid sedeagpd.gob.es 4/4 The exposed facts suppose, on the part of the claimed, the commission of the infraction of article 22.2 of the LSSI. This offense15 KB (2,246 words) - 14:26, 13 December 2023
- AEPD (Spain) - PS/00055/2020 (category Article 5(1)(c) GDPR)- Madridsedeagpd.gob.es Page 4 4/5EUR 000 000 maximum or, in the case of a company, an equivalent amountat a maximum of 4% of the total global annual turnover13 KB (1,964 words) - 13:52, 13 December 2023
- AEPD (Spain) - PS/00410/2019 (category Article 7 GDPR)(threethousand euros), for violation of article 22.2) of the LSSI Law, typified as “slight” in theArticle 38.4.g) of the aforementioned Law.SECOND: REQUIRE15 KB (2,192 words) - 14:36, 13 December 2023
- AEPD (Spain) - EXP202203969 (category Article 6(1) GDPR)in the article 57.1 and the powers granted in article 58.1 of the Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter GDPR), and in45 KB (7,135 words) - 13:08, 13 December 2023
- AEPD (Spain) - EXP202200399 (category Article 5(1)(f) GDPR)the database of the controller. Therefore, the controller violated Article 5(1)(f) GDPR. The DPA considered several aggravating factors, such as the fact10 KB (1,343 words) - 13:13, 13 December 2023
- AEPD (Spain) - PS/00332/2019 (category Article 5(1)(c) GDPR)2012 to 2019 that it was operating. Following Article 83(5)(a)GDPR, read in the lights of Recital (148) GDPR, the AEPD issued a reprimand to the owner of15 KB (2,275 words) - 14:29, 13 December 2023
- NAIH (Hungary) - NAIH/2020/5911/7 (category Article 12 GDPR)on the basis of the notification, Article 57 (1) f) of the General Data Protection Regulation and Article 38. § Article 1Regulation (EU) 2016/679 of the9 KB (1,337 words) - 10:13, 17 November 2023
- AEPD (Spain) - E/10529/2021 (category Article 45 GDPR)that the controller had not violated Article 45 GDPR nor any of the subsequent Articles from Chapter V of the GDPR. The AEPD took into account that the44 KB (6,642 words) - 10:34, 13 December 2023
- AEPD (Spain) - EXP202201718 (category Article 32 GDPR)functions assigned to the control authorities in the article 57.1 and the powers granted in article 58.1 of the Regulation (EU) 2016/679 (General Data Protection10 KB (1,503 words) - 10:35, 13 December 2023
- AEPD (Spain) - EXP202204806 (category Article 5(1)(b) GDPR)does with the recorded images” (folio nº 1). SECOND: In accordance with article 65.4 of Organic Law 3/2018, of 5 December, of Protection of Personal Data15 KB (2,313 words) - 10:35, 13 December 2023
- AEPD (Spain) - TD/00233/2020 (category Article 17 GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European17 KB (2,670 words) - 14:46, 13 December 2023
- BVwG - W245 2252208-1/36E and W245 2252221-1/30E (category Article 44 GDPR)even pseudonymised data (Art. 4 Para. 5 GDPR) from the term personal data are recorded in accordance with Art. 4 Para. 1 GDPR. It is undeniable that the MB158 KB (26,392 words) - 08:25, 7 June 2023
- UODO (Poland) - DKE.561.1.2020 (category Article 31 GDPR)and the Council in the context of Article 31, Article 58(1)(e) in conjunction with Article 83(1) to (3) and Article 83(5)(e) of Regulation 2016/679 of31 KB (5,101 words) - 09:52, 17 November 2023
- AEPD (Spain) - PS/00273/2019 (category Article 5(1)(c) GDPR)to article 4.1 of the RGPD, is a piece of information personal and their protection, is therefore the subject of the said Regulation. In Article 4(2) of16 KB (2,359 words) - 14:24, 13 December 2023
- AEPD (Spain) - TD/00164/2020 (category Article 12 GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European17 KB (2,571 words) - 14:51, 13 December 2023
- AEPD (Spain) - PS/00386/2019 (category Article 7 GDPR)Juan, 6www.aepd.es28001 - Madridsedeagpd.gob.es Page 4 4/5In accordance with the provisions of article 39.1. c) of the LSSI, minor infractions canwill be16 KB (2,335 words) - 14:33, 13 December 2023
- AZOP (Croatia) - Decision 28-08-2019 (category Article 4(1) GDPR)violation of Article 5, Article 6, and Article 25 GDPR. It ordered the controller to comply with the data subject's erasure request pursuant to Article 17(1)(d)16 KB (2,373 words) - 15:31, 30 October 2023
- BVwG - W258 2217446-1 (category Article 4(1) GDPR)personal data under Article 9(1) GDPR. Their processing would require the data subjects' explicit consent under Article 9(2)(a) GDPR and § 151(4) GewO, ordered79 KB (12,652 words) - 09:41, 10 September 2021
- AEPD (Spain) - TD/00277/2020 (category Article 17 GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European40 KB (6,518 words) - 13:29, 13 December 2023
- UODO (Poland) - ZSPR.421.3.2018 (category Article 4(1) GDPR)mentioned in the Art. 14 GDPR. 4) No, in the assessment of the President of UODO, sending out information related to Art. 14 GDPR by regular mail to the52 KB (8,444 words) - 10:01, 17 November 2023
- AEPD (Spain) - PS/00188/2019 (category Article 5(1)(f) GDPR)infringement of Article 5.1.f) of the RGPD typified in Article 83.5.a) of the RGPD and considered very serious, for the purposes of prescription, in Article 72.139 KB (6,623 words) - 14:08, 13 December 2023
- APD/GBA (Belgium) - 15/2021 (category Article 5(2) GDPR)rectification.(article 16 of the GDPR), the right to be forgotten (article 17 of the GDPR), and the right to limit the use ofdata processed unlawfully (article 1885 KB (13,724 words) - 16:52, 12 December 2023
- AEPD (Spain) - PS/00315/2019 (category Article 13 GDPR)information provided was in breach of Article 13 GDPR. Therefore, the authority warned the controller (Article 83(5) GDPR) and requested to complete the notice17 KB (2,633 words) - 14:28, 13 December 2023
- AEPD (Spain) - PS/00116/2020 (category Article 13 GDPR)cookies, as per Article 22(2) Spanish Law on Information Society Services (LSSI). This law regulates cookies, connected to Article 13 GDPR. The decision16 KB (2,380 words) - 14:01, 13 December 2023
- AEPD (Spain) - TD/00317/2019 (category Article 12 GDPR)accordance with the provisions of section 2 of article 56 inrelationship with paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 ofEuropean Parliament18 KB (2,591 words) - 14:47, 13 December 2023
- VGH Baden-Württemberg - 1 S 397/19 (category Article 5(1)(d) GDPR)force: "According to Article 16 sentence 1 GDPR, every data subject has the right to request the controller (see Article 4(7) GDPR) to correct incorrect112 KB (19,310 words) - 08:08, 23 June 2022
- AEPD (Spain) - PS/00082/2020 (category Article 5(1)(c) GDPR)6www.aepd.es28001 - Madridsedeagpd.gob.es Page 4 4/7FOUNDATIONS OF LAWIBy virtue of the powers that article 58.2 of the RGPD recognizes to each authoritycontrol18 KB (2,749 words) - 13:57, 13 December 2023
- BVerfG - 1 BvR 276/17 (category Article 17 GDPR)violation of the general right of personality under Article 1.1, Article 2.1 of the Basic Law (Article 7, Article 8 of the Basic Law) was to be taken into account127 KB (21,367 words) - 16:00, 22 March 2022
- HDPA (Greece) - 25/2022 (category Article 5(1)(a) GDPR)principles of article 5 par. 1 GDPR. It's not a coincidence that the GDPR includes accountability (already mentioned above article 5 par. 2 GDPR) in the regulation48 KB (7,803 words) - 13:29, 11 October 2022
- AZOP (Croatia) - Decision 30-12-2021 (category Article 5(1)(a) GDPR)had a legal basis under Article 6(1) GDPR to publish the data subject’s personal data, and did not violate Article 5(1)(a) GDPR. In the decision, the Croatian16 KB (2,411 words) - 15:44, 30 October 2023
- AEPD (Spain) - PS/00461/2019 (category Article 5(1)(c) GDPR)fine on the defendant and stated he has to comply with Article 5(1)(c) and Article 83(2)(a)(b) GDPR. Share your comments here! Share blogs or news articles15 KB (2,366 words) - 14:41, 13 December 2023
- AEPD (Spain) - PS/00036/2020 (category Article 13 GDPR)based comply with Article 13 of the GDPR? The Spanish DPA found that the facts constituted an infringement for violation of Article 13 of the RGPD, and16 KB (2,587 words) - 13:50, 13 December 2023
- AEPD (Spain) - PS/00402/2019 (category Article 6 GDPR)second complaint alleging the ongoing violation of Article 6 GDPR. The AEPD finds the violation of Article 6 quite apparent and focuses on the criteria to15 KB (2,327 words) - 14:34, 13 December 2023
- AZOP (Croatia) - Decision 31-05-2022 (category Article 25 GDPR)Personal Data Protection Agency, OIB: 28454963989 based on Article 57 paragraph 1 and Article 58 paragraph 1 of Regulation (EU) 2016/679 of the European17 KB (2,433 words) - 15:45, 30 October 2023
- AEPD (Spain) - PS/00450/2019 (category Article 5(1)(f) GDPR)personal data concerning him". In this sense, Article 6.1 of the RGPD establishes that "in accordance with Article 4.11 of Regulation (EU) 2016/679, consent17 KB (2,620 words) - 14:43, 13 December 2023
- EDPB - Binding Decision 2/2022 - 'Instagram' (category Article 5(1)(c) GDPR)the performance of a contract (Article 6(1)(b) GDPR) and for legitimate interest (Article 6(1)(f) GDPR). Article 6(1)(b) GDPR In its original draft decision276 KB (38,206 words) - 09:46, 20 January 2023
- AEPD (Spain) - 0098/2022 (category Article 6(1)(e) GDPR)under Article 36 GDPR) regarding the compliance of the envisaged processing with the GDPR. According to the Commission, the legal basis was Article 6(1)(e)56 KB (8,102 words) - 13:57, 1 February 2023
- AEPD (Spain) - TD/00034/2020 (category Article 9(2)(h) GDPR)competent to decide, in accordance with the provisions of Article 56(2) in relation to Article 57(1)(f), both of Regulation (EU) 2016/679 of the European17 KB (2,730 words) - 14:50, 13 December 2023
- AEPD (Spain) - TD/00085/2020 (category Article 12 GDPR)the Spanish Agency of Data Protection, as laid down in Article 56(2) in relation to Article 57(1)(f), both of Regulation (EU) 2016/679 of the European17 KB (2,654 words) - 14:50, 13 December 2023
- AEPD (Spain) - PS/00479/2019 (category Article 5(1)(c) GDPR)minimisation principle related, as per Article 5(1)(c) GDPR, and the lack of transparent information, as per Article 12 GDPR. The decision is the consequence17 KB (2,541 words) - 14:43, 13 December 2023
- AZOP (Croatia) - Decision 29-06-2022 (Center for Social Welfare) (category Article 5 GDPR)under a legal obligation to process these data. Article 29 of the Croatian Labour Act and Article 5(4) of the Labour Law Rulebook (Official Gazette, no17 KB (2,660 words) - 15:35, 30 October 2023
- AEPD (Spain) - TD/00318/2019 (category Article 12 GDPR)considered a violation pursuant to Article 72(1)(m) of the LOPDGDD, which would be sanctioned according to Article 58(2) GDPR. Share your comments here! Share20 KB (2,999 words) - 14:52, 13 December 2023
- AEPD (Spain) - PS/00174/2019 (category Article 5(1)(f) GDPR)organisation contravene Article 5(1)(f) GDPR? The AEPD found that the disclosure of her personal data to the 400 members violated Article 5(1)(f) GDPR. The AEPD stressed18 KB (2,714 words) - 14:07, 13 December 2023
- AEPD (Spain) - PS/00439/2019 (category Article 5(1)(c) GDPR)Protection, in accordance with the provisions of section 2 of article 56 in in relation to Article 57 (1) f), both of Regulation (EU) 2016/679 of the European21 KB (2,946 words) - 14:40, 13 December 2023
- AEPD (Spain) - TD/00262/2019 (category Article 17 GDPR)exercised by a complainant pursuant to Article 17 GDPR and analysed the exercise of the rights under Articles 15-22 GDPR. On 15 February 2019, Mrs A.A.A. (hereinafter17 KB (2,751 words) - 14:51, 13 December 2023
- AEPD (Spain) - TD/00182/2019 (category Article 15 GDPR)decide on this matter, in accordance with the provisions of Article 56(2) in relation to Article 57(1)(f), both of Regulation (EU) 2016/679 of the European18 KB (2,922 words) - 14:51, 13 December 2023
- Commissioner (Cyprus) - 11.17.001.008.001 (category Article 5(1)(f) GDPR)data within the meaning of Article 4 (2)of the Regulation.Responsible for processing Bank of Cyprus Public Company Ltd (article 4 (7) ofRegulation). Data61 KB (9,412 words) - 16:52, 6 December 2023
- CNIL (France) - SAN-2020-009 (category Article 5(1)(a) GDPR)and 13 GDPR? Is the information provided to data subjects throughout the subscription process in compliance with the provisions of Article 13 GDPR? Does48 KB (7,404 words) - 17:09, 6 December 2023
- AEPD (Spain) - TD/00109/2020 (category Article 15 GDPR)the Spanish Agency of Data Protection, as laid down in Article 56(2) in in relation to Article 57(1)(f), both of Regulation (EU) 2016/679 of European Parliament19 KB (3,100 words) - 14:50, 13 December 2023
- AEPD (Spain) - PS/00030/2020 (category Article 12 GDPR)sedeagpd.gob.es 4/7 Article 22 section 4 LOPDGDD (LO 3/2018, December 5) provides the following: “The duty of information provided for in article 12 of Regulation19 KB (2,965 words) - 13:49, 13 December 2023
- AEPD (Spain) - PS/00004/2020 (category Article 5(1)(c) GDPR)of thethe law establishes a series of limitations. Article 1 of the Organic Law4/1997, of August 4, which regulates the use of video cameras by theState18 KB (2,798 words) - 13:44, 13 December 2023
- AEPD (Spain) - PS/00405/2020 (category Article 6(1)(a) GDPR)complained party, by the alleged infringement of article 6.1.a) of the RGPD, typified in article 83.5 of the GDPR. EIGHTH: The agreement to initiate this sanctioning20 KB (3,047 words) - 14:35, 13 December 2023
- AEPD (Spain) - EXP202200367 (category Article 5(1)(a) GDPR)in the article 57.1 and the powers granted in article 58.1 of the Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter GDPR), and in57 KB (8,117 words) - 10:35, 13 December 2023
- AZOP (Croatia) - Decision 21-01-2022 (category Article 5(1)(a) GDPR)controller thus also violated Article 14 GDPR. However, the DPA did not use any of their corrective powers as listed in Article 58(2) GDPR. Share your comments18 KB (2,722 words) - 15:26, 30 October 2023
- AEPD (Spain) - PS/00454/2019 (category Article 5(1)(c) GDPR)procedure to the claimed, by thealleged violation of Article 5.1.c) of the GDPR, typified in Article 83.5 of theRGPD. FIFTH: Consulted the database of this12 KB (1,832 words) - 14:41, 13 December 2023
- AEPD (Spain) - TD/00129/2020 (category Article 4(1) GDPR)recording is "processing" of "personal data" within the meaning of Article 4(1) and 4(2) GDPR. Therefore, the data subject has the right to request access to22 KB (3,422 words) - 14:50, 13 December 2023
- AEPD (Spain) - PS/00206/2020 (category Article 6 GDPR)6www.aepd.es28001 - Madridsedeagpd.gob.es Page 4 4/8FOUNDATIONS OF LAWIBy virtue of the powers that article 58.2 of the RGPD recognizes to eachcontrol authority20 KB (3,078 words) - 14:10, 13 December 2023
- AEPD (Spain) - PS/00374/2018 (category Article 5(1)(c) GDPR)the defendant, for violation of Article 6.1, of the RGPD, which states that: "in accordance with the provisions of Article 4.11 of Regulation (EU) 2016/67918 KB (2,711 words) - 13:43, 13 December 2023
- AEPD (Spain) - TD/00010/2020 (category Article 12 GDPR)AEPD pursuant to Article 72(1)(m). The AEPD does not specify the provision of Article 21 on which it bases its decision. Article 21 GDPR states that the16 KB (2,571 words) - 14:49, 13 December 2023
- AEPD (Spain) - PS/00149/2020 (category Article 6 GDPR)unsolicited commercial emails without a legal basis, connected to Article 6 of the GDPR—, as the defendant agreed to an early and guilty voluntary payment19 KB (2,795 words) - 14:06, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 20FR/2021 (category Article 38(1) GDPR)the inspected with section 4 of chapter 4 of the GDPR. 3. […] the inspectorate [is active in the field of transport] […]. 4. The controlled has approximately66 KB (9,458 words) - 19:42, 4 September 2021
- OLG Innsbruck - 1 R 182/19b (category Article 82 GDPR)had fulfilled its obligation to provide information pursuant to Article 12(3) and Article 4(7) of the Basic Law (Voriger SuchbegriffDSGVONächster Suchbegriff)54 KB (7,916 words) - 12:06, 9 May 2022
- AEPD (Spain) - PS/00262/2020 (category Article 5(2) GDPR)Spanish DPA (AEPD) fined XFERA MÓVILES, S.A. €40000 for violating Article 6(1) GDPR by illegally processing personal data of the claimants in a fraudulent22 KB (3,293 words) - 14:23, 13 December 2023
- AEPD (Spain) - PS/00491/2020 (category Article 6(1) GDPR)violation of Article 13 GDPR and issued a warning to the controller. The AEPD took into account the following aggravating factors (Article 83 (2) GDPR) to determine19 KB (2,957 words) - 14:45, 13 December 2023
- AEPD (Spain) - PS/00155/2021 (category Article 58(1) GDPR)sanction Vodafone in accordance with Article 83(5)(e) GDPR, for the non-compliance with an order pursuant to Article 58(1) GDPR. For this infringement, the AEPD20 KB (2,992 words) - 13:30, 13 December 2023
- HDPA (Greece) - 44/2019 (category Article 5(1) GDPR)internal compliance and accountability according to Article 5(1) GDPR, Article 5(2) GDPR and Article 6(1) GDPR. Since the company had totally ignored the its127 KB (21,184 words) - 15:39, 6 December 2023
- AEPD (Spain) - EXP202201746 (category Article 83(4) GDPR)infringement of Article 32 GDPR. Therefore, the Spanish DPA issued a warning sanction for each violation of Article 5(1)(f) and Article 32 GDPR. AEPD highlighted62 KB (9,703 words) - 13:05, 13 December 2023
- EWHC (UK)- QB- Soriano v Forensic News LLC (category Article 3(1) GDPR)conferred by article 79(2) of the GDPR. This is the relevant provision for the purposes of para 3.1(20) of CPR Practice Direction 3B. Article 79(2) provides:108 KB (18,178 words) - 11:57, 29 November 2021
- Garante per la protezione dei dati personali (Italy) - 9445324 (category Article 5(1)(a) GDPR)for in Article 83, paragraph 5, of the Regulation applicable, pursuant to Article 58, paragraph 2, letter i), of the Regulation itself and Article 166, paragraph19 KB (2,989 words) - 15:51, 6 December 2023
- APD/GBA (Belgium) - 31/2020 (category Article 5(1)(c) GDPR)this case under Article 6(1)(a) or 6(1)(c)? If Article 6(1)(a) applies, do the requirements for parental consent under Article 8 GDPR also apply? Did the48 KB (7,926 words) - 16:56, 12 December 2023
- RvS - 201905347/1/A3 (category Article 6(4) GDPR)decision of the Minister is no longer based on Article 17(3) GDPR. Instead the decision is based on Article 6(4) GDPR. However the Minister did not explain well25 KB (3,824 words) - 22:46, 10 October 2020
- AEPD (Spain) - TD/00261/2020 (category Article 12 GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European23 KB (3,523 words) - 14:46, 13 December 2023
- AEPD (Spain) - PS/00102/2020 (category Article 5(1)(f) GDPR)gob.es Page 4 11/4In this sense, Organic Law 3/2018, of December 5, on the Protection ofPersonal Data and guarantee of digital rights article 6.1 of the21 KB (3,082 words) - 13:59, 13 December 2023
- VG Schwerin - 1 A 1254/20 SN (category Article 4(7) GDPR)his claim on Article 78(1) of the GDPR in conjunction with Article 57 of the GDPR. Article 57 of the GDPR. The scope of Article 57 of the GDPR is indeed open37 KB (6,156 words) - 10:12, 26 May 2021
- AZOP (Croatia) - Decision 10-08-2023 (category Article 5 GDPR)this the AZOP held that the controller acted contrary to Article 5(1)(a) GDPR and Article 6 GDPR. Moreover, the AZOP reiterated the fact that the pictures19 KB (2,955 words) - 16:29, 5 December 2023
- AEPD (Spain) - PS/00423/2019 (category Article 13 GDPR)information under Article 13 GDPR is illegal. Consequently, the APED decided to issue a fine of €1.500 for the violation of Article 13 GDPR. Share your comments23 KB (3,636 words) - 14:38, 13 December 2023
- Commissioner (Cyprus) - 11.17.001.010.201 (category Article 5(1)(a) GDPR)personal data (Article 5 GDPR). 9 4. Conclusion 4.1 Having regard to all the above facts, as stated and, based on the powers granted to me by Article 58 of the23 KB (3,737 words) - 10:30, 7 June 2023
- AEPD (Spain) - PS/00339/2019 (category Article 5(1)(f) GDPR)the powers of investigation granted to the supervisory authorities in article 57.1 of Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter18 KB (2,781 words) - 14:30, 13 December 2023
- AEPD (Spain) - PS/00014/2020 (category Article 6(1) GDPR)SIXTH: On March 4, 2020, a motion for a resolution was formulated, A78923125, for a violation of article 6 of the RGPD, typified in article 83.5 of the RGPD21 KB (3,441 words) - 13:46, 13 December 2023
- AZOP (Croatia) - Decision 29-06-2022 (bank) (category Article 5 GDPR)the principles of lawfulness and fairness of Article 5 GDPR and without a legal basis under Article 6 GDPR. A bank (the controller) organized prize games20 KB (3,166 words) - 15:36, 30 October 2023
- DSB (Austria) - D122.844/0006-DSB/2018 (category Article 12(5) GDPR)under Article 15 GDPR and demanded free access to the historic bank transaction data. The bank argued that this would be a misuse of Article 15 GDPR and19 KB (2,936 words) - 13:55, 12 May 2023
- APD/GBA (Belgium) - 57/2024 (category Article 12 GDPR)the meaning of Article 100 of the WOG. The Disputes Chamber has thus decided, on the basis of Article 58.2.a) GDPR and Article 95, § 1, 4° of the WOG, to21 KB (3,085 words) - 14:47, 29 April 2024
- AEPD (Spain) - PS/00240/2019 (category Article 5(1)(b) GDPR)Therefore, given that Article 6(1), Article 5(1)(a), Article 5(1)(d), Article 5(1)(c), and Article 14 GDPR were infringed in connection to Article 5(1)(b), the602 KB (102,229 words) - 14:21, 13 December 2023
- APD/GBA (Belgium) - 105/2022 (category Article 4(1) GDPR)(Article 57, 1., a) GDPR), and the performance of all other tasks related to the protection of personal data (Article 57, 1., v) GDPR) .2 21. In that regard44 KB (6,420 words) - 11:00, 6 July 2022
- AP (The Netherlands) - 24.02.2022 (category Article 13(1)(e) GDPR)violation of article 32, paragraph 1, GDPR and article 13, paragraph 1, sub, GDPR BZ should end these violations as soon as possible. article58, paragraph2179 KB (22,957 words) - 17:07, 12 December 2023
- AEPD (Spain) - PS/00502/2020 (category Article 21 GDPR)registered on the Robinson List in breach of Article 48(1)(b) LGT and Article 21 GDPR in conjunction with Article 23(4) LOPDGDD. Avilon Center SL made an voluntary23 KB (3,590 words) - 14:45, 13 December 2023
- Korkein hallinto-oikeus (Finland) - KHO:2024:34 (category Article 17(1) GDPR)Regulation) Article 1, paragraph 2, Article 5, Article 6, paragraph 1, subparagraph f, Article 17(1)(a), (c) and (d), Article 17(3)(a), Article 21(1) Judgments60 KB (9,713 words) - 13:07, 26 March 2024
- EDPB - Binding Decision 4/2022 - 'Meta (Instagram)' (category Article 4 GDPR)accordance with Article 60(3) GDPR. Ten DPAs (AT, DE, ES, FI, FR, HU, IT, NL, NO, SE) raised objections, in accordance with Article 60(4) GDPR, to the Draft468 KB (51,340 words) - 14:10, 30 January 2023
- Datatilsynet (Norway) - 19/02450 (category Article 12(4) GDPR)provisions of Article 12, paragraphs 1, 2 and 4. In other cases where registered complaints applies to Article 12, paragraph 1. 9 Article 12 (4) of the Privacy46 KB (7,180 words) - 17:22, 9 March 2022
- APD/GBA (Belgium) - 57/2023 (category Article 5(1) GDPR)violation of Article 5(1)(a), Article 12(1) and (2), Article 13(1)(c) and (2)(a) of the GDPR. II.4. Article 5 GDPR, Article 24 (1) GDPR and Article 25 (1) and99 KB (15,129 words) - 09:21, 31 May 2023
- DSB (Austria) - 2021-0.347.702 (category Article 6(1)(f) GDPR)or by a third party. The court used Article 9(2)(f) GDPR to interpret legitimate interests under Article 6(1)(f) GDPR as including the establishment, exercise25 KB (3,875 words) - 10:36, 11 January 2024
- CNPD (Luxembourg) - Délibération n° 6FR/2023 (category Article 31 GDPR)controller for the purposes of Article 4(7) GDPR, and Company A was the processor for the purposes of Article 4(8) GDPR. The DPA found that both Companies55 KB (9,079 words) - 16:57, 6 December 2023
- AEPD (Spain) - EXP202102529 (category Article 4(15) GDPR)these investigative actions. In light of provisions (Article 4 (15) GDPR, Article 9 GDPR, Article 6 GDPR) the vaccination of a person against Covid-19 implies42 KB (6,246 words) - 16:36, 9 January 2024
- AEPD (Spain) - PS/00324/2019 (category Article 13 GDPR)found that the El Maestro Cerrajero SL’s privacy policy complied with Article 13 GDPR, after the page was updated by the controller during the procedure.22 KB (3,480 words) - 14:28, 13 December 2023
- AEPD (Spain) - PS/00168/2020 (category Article 6(1) GDPR)violation of Article 6(1) GDPR? AEPD considered that the documentation provided offers evidence that Vodafone violated Article 6(1) of the GDPR, by processing22 KB (3,568 words) - 14:06, 13 December 2023
- APD/GBA (Belgium) - 57/2021 (category Article 5(1)(a) GDPR)result of the violations of article 5.1 a), article 5.2, article 6.1, article 12.1, article 13.1 c) and d) and article 13.2 b) GDPR. 21. On 17 June 2020, the99 KB (15,064 words) - 14:05, 2 June 2021
- AEPD (Spain) - PS/00060/2020 (category Article 58(1)(a) GDPR)personal data under Article 15 GDPR? The Spanish DPA held that the airline company had not complied with the right to access in Article 15 GDPR when it refused23 KB (3,695 words) - 13:53, 13 December 2023
- Rb. Midden-Nederland - UTR 21/2957 (category Article 57 GDPR)this court of 4 May 2021. With reference to its prioritization policy, as laid down in Article 57, first paragraph, under f, of the GDPR, the respondent19 KB (2,958 words) - 08:33, 14 September 2022
- AEPD (Spain) - EXP202204530 (category Article 6(1) GDPR)in the article 57.1 and the powers granted in article 58.1 of the Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter GDPR), and in26 KB (3,971 words) - 13:26, 13 December 2023
- AEPD (Spain) - PS/00043/2020 (category Article 13 GDPR)specified period - article 58. 2 d) -. According to the provisions of article 83.2 of the RGPD, the measure provided for in article 58.2 d) of the aforementioned24 KB (3,838 words) - 13:51, 13 December 2023
- AEPD (Spain) - EXP202305050 (category Article 58(1) GDPR)LPACAP), for the alleged infringement of Article 58.1 of the GDPR, typified in the Article 83.5 of the GDPR Regulation (EU) 2016/679 (General Regulation57 KB (9,217 words) - 10:44, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9542096 (category Article 12(3) GDPR)a violation of Article 12(3) in relation to Article 15 GDPR. The Garante hence applied an administrative fine as per Article 83(5) GDPR. The amount of21 KB (3,092 words) - 15:54, 6 December 2023
- HDPA (Greece) - 56/2021 (category Article 13 GDPR)and Article of 11Law No. 3471/2006, in accordance with Article 13(58i2) of the GDPR in conjunction with Article 83(1)(a) of the GDPR. 5 of the GDPR, and54 KB (8,916 words) - 15:22, 22 February 2022
- APD/GBA (Belgium) - 105/2023 (category Article 5(1)(a) GDPR)therefore an infringement of Article 5 at the time of the facts. 1, a) GDPR, Article 6, Article 12.1 GDPR and Article 14.1 a) GDPR. 90. In addition, a controller102 KB (15,787 words) - 07:39, 6 September 2023
- AEPD (Spain) - PS/00275/2019 (category Article 5(1)(f) GDPR)LPACAP), for the alleged infringement of Article 5.1(f) of the GDPR, as defined in Article 83.5(a) of the GDPR. FOURTH: Having been notified of the above-mentioned21 KB (3,335 words) - 14:25, 13 December 2023
- AEPD (Spain) - EXP202315744 (category Article 17 GDPR)provisions of article 55 of the RGPD, the Spanish Agency for Data Protection is competent to perform the functions assigned to it in its article 57, among them20 KB (3,052 words) - 08:17, 16 April 2024
- AEPD (Spain) - TD/00054/2020 (category Article 12 GDPR)the Spanish Agency of Data Protection, as laid down in Article 56(2) in in relation to Article 57(1)(f), both of Regulation (EU) 2016/679 of European Parliament22 KB (3,500 words) - 14:50, 13 December 2023
- AEPD (Spain) - PS/00102/2021 (category Article 6(1) GDPR)pictures of the individuals without their consent was a violation of Article 6 GDPR. Because of that, they fined Hazte Oir €5000, with a possibility of21 KB (3,099 words) - 13:59, 13 December 2023
- Datatilsynet (Denmark) - 2019-41-0028 (category Article 32 GDPR)security . That Krifa - in accordance with Article 5 (1) of the Data Protection Regulation. 2, cf. Article 32 (1) (f), cf. 1 and 2 - has demonstrated that24 KB (3,947 words) - 16:24, 6 December 2023
- CNPD (Luxembourg) - Délibération n° 24FR/2022 (category Article 12(1) GDPR)23Investigation report, page 34, point 4.4.8.1. 24Investigation report, page 34, point 4.4.8.2.1.1 25Investigation report, page 34, point 4.4.8.2.2.1 _______________82 KB (11,472 words) - 16:58, 6 December 2023
- AEPD (Spain) - EXP202207084 (category Article 2(2)(c) GDPR)is you, I remind you not in vain, (...)". SECOND: In accordance with article 65.4 of Organic Law 3/2018, of 5 December, Protection of Personal Data and15 KB (2,384 words) - 10:46, 13 December 2023
- AEPD (Spain) - E/08210/2021 (category Article 4(22) GDPR)authority. Under Article 60 GDPR, the following DPAs were identified as “concerned supervisory authorities” under Article 4(22) GDPR: the Netherlands,29 KB (4,457 words) - 10:34, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9451734 (category Article 9(4) GDPR)delegated to the Guarantor. In accordance with Article 78 of the Regulation, Article 152 of the Code and Article 10 of Legislative Decree no. 150/2011, it is24 KB (3,697 words) - 15:52, 6 December 2023
- UODO (Poland) - ZSPU.421.3.2019 (category Article 5(1)(a) GDPR)and Article 57(1)(a), Article 58(2)(d) and (i) in connection with Article 5(1)(a), (e) and (f) and (2), Article 24(1) and (2), Article 28, Article 30(1)(d)58 KB (9,357 words) - 10:02, 17 November 2023
- APD/GBA (Belgium) - 39/2020 (category Article 5(1)(f) GDPR)obtained from them, as required under Article 14(1)(a) AVG and Article 14(2)(c)(e) and point (f) AVG; c. article 12 j° article 14 AVG, in view of the defendant62 KB (10,509 words) - 16:58, 12 December 2023
- OLG Linz - 2R149/21a (category Article 57(3) GDPR)successful legal representation in a procedure under Article 77 GDPR as a damage under Article 82 GDPR from the controller. A district authority had issued26 KB (4,023 words) - 11:52, 21 January 2022
- AEPD (Spain) - PS/00247/2020 (category Article 7 GDPR)L. for the infringement of Article 13 GDPR (data privacy policy) and a warning penalty for the infringement of Article 7 GDPR regarding the collection of24 KB (3,893 words) - 14:22, 13 December 2023
- AEPD (Spain) - TD/00248/2020 (category Article 12 GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European25 KB (3,972 words) - 14:47, 13 December 2023
- AEPD (Spain) - PS/00028/2021 (category Article 5(1)(c) GDPR)obtain such recordings through the camera, with grounds on Article 6(1)(e) GDPR and Article 22 of the Spanish Data Protection Act (LOPDGDD), that allows25 KB (3,876 words) - 13:48, 13 December 2023
- AEPD (Spain) - PS/00356/2020 (category Article 6(1) GDPR)sanctioning procedure against VODAFONE ESPAÑA S.A.U. for infringing Article 6(1) GDPR. Vodafone, recognising its responsibility, made an early payment of26 KB (3,848 words) - 14:31, 13 December 2023
- AEPD (Spain) - PS/00235/2019 (category Article 6(1)(a) GDPR)twenty thousand euros), under¬ Article 6.1 (a) and Article 5.1 (a) of the GDPR, under consideration as ‘very serious’, in¬ Article 71 (1) (a) and (b), respectively24 KB (4,074 words) - 14:21, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9468523 (category Article 5(1) GDPR)genetic, psychic, economic, cultural or social identity "(Article 4, par. 1, 1, of the GDPR). The processing of personal data must also take place in compliance22 KB (3,488 words) - 15:52, 6 December 2023
- AEPD (Spain) - E/00113/2019 (category Article 4(11) GDPR)unequivocal consent to the processing of his personal data according to Article 4(11) GDPR. The AEPD noted that to determine whether FEDA, having regard to the27 KB (4,497 words) - 13:38, 13 December 2023
- AEPD (Spain) - TD/00254/2020 (category Article 15 GDPR)accordance with the provisions of section 2 of article 56 in in relation to paragraph 1 f) of article 57, both of Regulation (EU) 2016/679 of the European25 KB (3,791 words) - 14:47, 13 December 2023
- APD/GBA (Belgium) - 170/2023 (category Article 24 GDPR)accordance with Article 33 GDPR to the Belgian DPA. Nonetheless, there were suspicions that the controller did not comply with Article 32 GDPR. Especially24 KB (3,525 words) - 15:29, 26 January 2024
- AEPD (Spain) - PS/00092/2020 (category Article 13 GDPR)reprimand to the company for not complying with Article 13 GDPR, since it failed to even mention the GDPR in its Privacy Policy. Share your comments here22 KB (3,514 words) - 13:58, 13 December 2023
- Datatilsynet (Norway) - 23/00708 (category Article 32(4) GDPR)per Article 57(1)(a) GDPR, Article 57(1)(h) GDPR, cf. Article 58(1)(a) GDPR, Article 58(1)(b) GDPR, Article 58(1)(e) GDPR and Article 58(1)(f) GDPR. The59 KB (8,718 words) - 14:50, 20 December 2023
- AZOP (Croatia) - Decision 18-12-2020 (category Article 5(1)(c) GDPR)information. Article 7 of said act, however, states that public figures cannot expect the same level of protection as other citizens. Article 8 also states21 KB (3,345 words) - 15:24, 30 October 2023
- AEPD (Spain) - PS/00415/2019 (category Article 6(1) GDPR)regard to Article 83.2 (k) of the RGPD, the LOPDGDD, Article 76, "Sanctions and corrective measures", provides: "2. In accordance with Article 83(2)(k)22 KB (3,521 words) - 14:36, 13 December 2023
- AEPD (Spain) - EXP202105680 (category Article 9 GDPR)very serious in article 72.1. e) from the LOPDGDD, with 10,000 euros. -article 13 of the GDPR, in accordance with article 83.5 b) of the GDPR, and for the66 KB (10,558 words) - 13:14, 13 December 2023
- AEPD (Spain) - PS/00010/2020 (category Article 6(1)(a) GDPR)AEPD held that the telecoms company 's actions were a breach of Article 6(1) GDPR. Article 6(1) does not apply here because they failed to prove that they22 KB (3,523 words) - 13:45, 13 December 2023
- DSB (Austria) - 2021-0.820.321 (category Article 57(1)(f) GDPR)basis: Article 51 (1), Article 57 (1) (f) and Article 77 (1) of Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter: GDPR), OJ No18 KB (2,823 words) - 13:18, 9 December 2021
- AEPD (Spain) - PS/00185/2020 (category Article 13 GDPR)security of processing (Article 32 GDPR), the transparency principle (Article 13 GDPR) and its information duties related to cookies (Article 22(2) of the Spanish20 KB (3,162 words) - 14:08, 13 December 2023
- UODO (Poland) - DKN.5131.11.2020 (category Article 34(4) GDPR)the Foundation. The DPA held that the Foundation violated Article 33(1), Article 34(1) GDPR by failing to notify the DPA of a personal data protection51 KB (8,179 words) - 12:07, 11 August 2021
- AEPD (Spain) - PS/00009/2020 (category Article 6(1) GDPR)defendant) for the infringement of Article 6(1) of the GDPR, as the defendant agreed to an early voluntary payment of the corresponding part (48,000 €) of the27 KB (4,150 words) - 13:45, 13 December 2023
- DSB (Austria) - 2022-0.083.310 (category Article 2(2)(a) GDPR)data, claiming that this would constitute a violation against Article 5 GDPR and Article 6 GDPR. The Federal Minister of Finances denied the competence of52 KB (8,272 words) - 16:33, 18 January 2024
- Tietosuojavaltuutetun toimisto (Finland) - 4282/161/21 (category Article 5(1)(f) GDPR)controller had violated Article 5(1)(f) GDPR, Article 17(1) GDPR, Article 25(1) GDPR, Article 32(1) GDPR and Article 32(2) GDPR. As a result, the DPA issued56 KB (8,980 words) - 08:47, 4 March 2024
- APDCAT (Catalonia) - PS 57/2023 (category Article 5(1)(f) GDPR)provided for article 77.1 of the LOPDGDD, results from the application of the general sanctioning regime provided for in article 83 of the RGPD. Article 83.5 of52 KB (7,751 words) - 14:16, 17 April 2024
- EDPB - Binding Decision 5/2022 - 'Whatsapp' (category Article 4 GDPR)After considering the objections in light of Article 4(24) GDPR and the factors outlined in Article 83(2) GDPR the EDPB instructed the DPC to impose an administrative289 KB (33,568 words) - 15:00, 1 February 2023
- Datatilsynet (Norway) - 20/01879 (category Article 24 GDPR)highly sensitive personal data exposed, thus breaching Article 32(1)(b) GDPR and Article 32(2), cf. Article 24. An employee in a municipal health care center30 KB (4,302 words) - 18:53, 5 March 2022
- AEPD (Spain) - EXP202206302 (category Article 6 GDPR)sanctioning procedure, under Article 83(5)(a) of the GDPR, against AAA on 21 December 2022, due to a infringement of Article 6. AAA was the father of the28 KB (4,608 words) - 13:27, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9542155 (category Article 5(2) GDPR)of Bologna for violation of Articles 5(2)(f) and 9 GDPR. On the basis of Articles 58(2)(i) and 83 GDPR, the Garante imposed a fine of € 18 000 on the Local26 KB (4,162 words) - 15:54, 6 December 2023
- AEPD (Spain) - E/03379/2021 (category Article 13 GDPR)investigation granted to the control authorities in article 57.1 of Regulation (EU) 2016/679 (GDPR). Thus, dated 12/04/20, an information request is addressed18 KB (2,693 words) - 13:40, 13 December 2023
- AEPD (Spain) - PS/00266/2019 (category Article 13 GDPR)refers to older national laws, instead of GDPR. Does an non-updated privacy policy infringe Article 13 GDPR? Shoud the AEPD calculate the fine by taking28 KB (4,459 words) - 14:23, 13 December 2023
- OLG Koln - 15 U 45/23 (category Article 16 GDPR)database. The request for erasure under Article 17(1) GDPR is not applicable, because under Article 17(3)(e) GDPR, the processing was necessary for the defence26 KB (4,187 words) - 14:46, 8 May 2024
- AEPD (Spain) - PS/00268/2019 (category Article 13 GDPR)specific enough and did not comply with Article 13 GDPR. Does the lack of precision enough to infrige Article 13 GDPR? The AEPD found that the information28 KB (4,435 words) - 14:23, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 8040/163/2019 (category Article 4(11) GDPR)2002/58, read in conjunction with Article 2 (h) of Directive 95/46 and Regulation 2016/679 4 Article 6 (11) and Article 6 (1) (a) do not have to be interpreted29 KB (4,610 words) - 13:07, 3 March 2024
- AEPD (Spain) - PS/00068/2020 (category Article 6(1) GDPR)violation of the article6.1. of the RGPD, in relation to article 20 e) of the LOPDGDD, typifiedin article 83.5.a) of the aforementioned GDPR.2. TO appoint27 KB (4,106 words) - 13:55, 13 December 2023
- AEPD (Spain) - PS/00303/2020 (category Article 6(1) GDPR)sanction procedure against Vodafone España, S.A.U. for infringing Article 6(1) GDPR, as the defendant agreed to a voluntary payment of the corresponding29 KB (4,480 words) - 14:27, 13 December 2023
- AEPD (Spain) - PS/00205/2021 (category Article 6(1) GDPR)constitutes personal data according with Article 4(1) GDPR therefore its processing falls within the scope of GDPR. The DPA also analysed whether the controller28 KB (4,527 words) - 12:35, 13 December 2023
- AP (The Netherlands) - 26.11.2020 (category Article 32(1) GDPR)that the letter in question referred to Article 58(1)(a) of the GDPR and Article 5:16 in conjunction with Article 5:17 of the Awb does not make this any67 KB (11,415 words) - 17:15, 12 December 2023
- AEPD (Spain) - PS/00085/2021 (category Article 6(1)(a) GDPR)S.A.U., with NIF A80907397, for the alleged violation of article 6.1. GDPR typified in article 83.5.a) of the aforementioned RGPD. 1. APPOINT Mr. D.D.D28 KB (4,350 words) - 13:57, 13 December 2023
- NAIH (Hungary) - NAIH/2020/32/4 (category Article 5(1) GDPR)pursuant to Article 4(2) of the GDPR, and the applicant operating and managing the Facebook page is a controller pursuant to Article 4(7) of the GDPR, given75 KB (12,586 words) - 10:10, 17 November 2023
- AEPD (Spain) - PS/00415/2020 (category Article 5 GDPR)imposed a fine of €60000 for the violating Article 5(1)(d) GDPR and €30000 for violating Article 5(1)(f) GDPR. In imposing the fine, the AEPD factored in30 KB (4,436 words) - 14:36, 13 December 2023
- AP (The Netherlands) - z2018-02009 (category Article 32 GDPR)(hereinafter: the GDPR) applies on 25 May 2018 become. The GDPR imposes the same obligation in Article 32, paragraph 1, as it applied under Article 13 6. The UWV33 KB (5,112 words) - 17:10, 12 December 2023
- AEPD (Spain) - PS/00135/2021 (category Article 6(1) GDPR)violated Article 6(1)GDPR, for processing personal data without a legal basis. Hence, the AEPD decided to fine Telefónica for the violation of Article 6(1)GDPR30 KB (4,631 words) - 13:00, 13 December 2023
- AEPD (Spain) - PS/00008/2020 (category Article 6(1) GDPR)under the powers of investigation granted to supervisory authorities in article 57.1 of Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter27 KB (4,408 words) - 13:45, 13 December 2023
- FiS - 13308-22 (category Article 57(1)(f) GDPR)data protection regulation. Article 57.1 f of the GDPR shall be read in in the light of Article 77 and Article 78 of the GDPR because the procedural rights25 KB (2,944 words) - 13:45, 13 June 2023
- AEPD (Spain) - PS/00220/2020 (category Article 5(1)(d) GDPR)significant negligent action (Article 83(2)(b) GDPR) and that basic personal identifiers were affected (Article 83(2)(g) GDPR). The economic volume of the28 KB (4,295 words) - 14:11, 13 December 2023
- APD/GBA (Belgium) - 117/2021 (category Article 57(1)(f) GDPR)decision that there is of infringements of Article 32(1), (2) and (4) of the GDPR and of 24(1) of the GDPR due to taking insufficient measures to ensure35 KB (4,931 words) - 12:59, 9 November 2021
- AEPD (Spain) - PD-00207-2022 (category Article 57(1)(f) GDPR)accordance with the provisions of section 2 of article 56 in in relation to section 1 f) of article 57, both of Regulation (EU) 2016/679 of the European19 KB (2,685 words) - 08:52, 30 January 2024
- CNIL (France) - SAN-2020-015 (category Article 32(1) GDPR)private doctor for violating Article 32 GDPR by making his patients' health data freely accessible on the web, and Article 33 GDPR by not notifying the DPA29 KB (4,374 words) - 16:03, 19 January 2024
- Upravni sud u Zagrebu - Usl-4017/23-6 (category Article 57(1)(a) GDPR)(Administrative Court of Zaghreb) noted that pursuant to Article 52 of its national law implementing the GDPR, a supervisory authority’s task is not simply to22 KB (3,379 words) - 09:05, 28 March 2024
- AEPD (Spain) - PS/00285/2020 (category Article 13 GDPR)not having complied with Article 13 GDPR. A claimant filed a complaint with the DPA to report several infringements of the GDPR coming from the Asturian19 KB (2,923 words) - 14:26, 13 December 2023
- BVerfG - 1 BvR 16/13 (category Article 17 GDPR)completely determined by it. This already follows from Article 1.3, Article 20.3 and Article 93.1 No. 4a of the Basic Law. According to these, the commitment133 KB (21,944 words) - 15:59, 22 March 2022
- DSB (Austria) - 2022-0.560.569 (category Article 57(1)(f) GDPR)the necessary preconditions to the right to complaint, pursuant to Article 77(1) GDPR, is to be personally affected by the processing of personal data.7 KB (900 words) - 16:20, 15 November 2022
- UODO (Poland) - DKN.5131.6.2020 (category Article 34(4) GDPR)as Article 57 (1) (a), Article 58 (2) (e) and (i), Article 83 (1) - (3) and Article 83 (4) (a) in connection with Article 33 (1) and Article 34 (1), (2)66 KB (10,785 words) - 10:00, 17 November 2023
- UOOU (Czech Republic) - UOOU-01025/20-121 (category Article 5 GDPR)legal basis under Article 6(1) GDPR and in violation of transparency obligations in the privacy policy under Article 5(1)(a) and 13 GDPR. The DPA in the246 KB (39,598 words) - 09:26, 24 April 2024
- Rb. Gelderland - AWB - 19/3510 (category Article 57 GDPR)The claimant has submitted a request on the basis of Article 58 of the AVG . Pursuant to this article, the defendant may - prior to taking enforcement action19 KB (2,970 words) - 16:16, 10 March 2022
- Garante per la protezione dei dati personali (Italy) - 9440000 (category Article 5(1)(c) GDPR)to Article 57(1)(f) of the Regulation, finds the unlawfulness of the processing carried out by the Municipality of Manduria, for breach of Article 6(1)(c)24 KB (3,852 words) - 15:50, 6 December 2023
- LAG Berlin-Brandenburg - 10 Sa 443/21 (category Article 15 GDPR)meaning of Article 4 No. 7 GDPR. However, the defendant cannot be accused of violating an obligation to provide information under Art. 15, 12 GDPR. Paragraph28 KB (4,527 words) - 15:58, 26 April 2022
- CNPD (Luxembourg) - Délibération n° 38FR/2021 (category Article 37(7) GDPR)Protection Officer (DPO) under Section 4 of Chapter 4 of the GDPR (see in particular Article 37 GDPR to Article 39 GDPR). One of these audit proceedings concerned81 KB (11,895 words) - 16:58, 6 December 2023
- CJEU - T‑200/21 JS v European Data Protection Supervisor (EDPS) (category Article 17 GDPR)right to erasure (“right to be forgotten”) of Article 17 GDPR and Article 19 of Regulation 2018/1725. Under GDPR, such prolonged and unrestricted data retention61 KB (9,971 words) - 14:28, 4 January 2024
- UODO (Poland) - DKN.5131.33.2021 (category Article 34(4) GDPR)the breach, pursuant to the obligation expressed in Article 34 GDPR, in conjunction with Article 12 GDPR. Based on this assessment, the DPA issued an administrative81 KB (13,351 words) - 14:48, 2 March 2022
- AEPD (Spain) - PS/00100/2020 (category Article 13 GDPR)to the legal provisions established in article 22.2 LSSI. This Infraction is classified as "minor" in Article 38.4 g) of the aforementioned Law, and may27 KB (4,296 words) - 13:59, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9440075 (category Article 5(1)(a) GDPR)art. 5 and 6 of the GDPR? The DPA held that Regione Campania violated art 5(1)(a)(c), art. 6(1)(c)(e), art. 6(2) and art. 6(3)(b) GDPR, and concluded that27 KB (4,339 words) - 15:50, 6 December 2023
- AEPD (Spain) - PS/00340/2019 (category Article 6(1)(e) GDPR)as a data subject under Article 21(1) GDPR had been violated by the PAR. Did Mrs AAA have a right to object under Article 21 GDPR? Had the PAR infringed23 KB (3,554 words) - 14:31, 13 December 2023
- AEPD (Spain) - PS/00120/2020 (category Article 13 GDPR)6www.aepd.es28001 - Madridsedeagpd.gob.es Page 4 4/11FOUNDATIONS OF LAWIBy virtue of the powers that article 58.2 of the RGPD recognizes to each authoritycontrol31 KB (4,808 words) - 14:01, 13 December 2023
- BVwG - W256 2235360-1 (category Article 4 GDPR)ensure compliance with the GDPR (Art 57(1)(h) GDPR; cf. Selmayr in Ehmann/Selmayr, DS-GVO2, Art 57 Rz 6 ff). Article 58 (1) of the GDPR grants the authority67 KB (10,431 words) - 08:39, 21 February 2024
- Rb. Amsterdam - AWB 21/3724 (category Article 57(1)(f) GDPR)priority to be dealt with. The Court found that it follows from Article 57(1)(f) GDPR that the DPA has this margin to decide whether or not a complaint12 KB (1,778 words) - 11:10, 1 April 2022
- BVwG - W214 2228346-1 (category Article 4(1) GDPR)bases: Article 12, Article 15, Article 57(1)(f), Article 58(2)(c) and Article 77(1) of the Basic Data Protection Regulation (DSGVO), OJ No L 119 of 4 May65 KB (10,246 words) - 09:42, 10 September 2021
- BVwG - W214 2242817-1 (category Article 57(1)(f) GDPR)subject to the material scope of Article 2 GDPR. Furthermore, it argued, that even in case of the application of the GDPR, Article 5 hat not been violated. The31 KB (4,712 words) - 16:38, 7 March 2022
- AEPD (Spain) - PS/00200/2020 (category Article 6(1) GDPR)punishable under Article 83(4)(a) GDPR. Assessing the circumstances that modify the responsibility contemplated in Article 83(2) GDPR, in this case, the30 KB (4,833 words) - 14:10, 13 December 2023
- AEPD (Spain) - EXP202210237 (category Article 6(1) GDPR)fact that the processing of the controller relied on Article (6)(1)(b) GDPR and Article 6(1)(c) GDPR as legal basis affects the holding of the DPA since32 KB (4,780 words) - 10:44, 13 December 2023
- AEPD (Spain) - PS/00341/2020 (category Article 5 GDPR)principles are found under Article 5(1)(a) and Article 5(2) GDPR respectively]. The Spanish DPA even made reference to Recital 40 GDPR on the legality of processing32 KB (4,831 words) - 14:31, 13 December 2023
- PVN - PVN-2023-23 (category Article 57(1)(f) GDPR)lawfulness of processing under Article 6 GDPR or the processing of special categories of personal data under Article 9 GDPR. Rather, the crux is whether15 KB (2,181 words) - 09:31, 23 February 2024
- AEPD (Spain) - PS/00026/2021 (category Article 21 GDPR)processor, Vamavi Phone SL, had violated Article 48(1) LGT, Article 21 GDPR in link with Article 23 LOPDGDD and Article 28 GDPR by making a commercial call on behalf33 KB (5,185 words) - 13:48, 13 December 2023
- AEPD (Spain) - EXP202201721 (category Article 83(4)(a) GDPR)violated Article 6 and Article 32 GDPR. The DPA seems to consider the authentication procedure itself as "processing" and therefore Article 32 GDPR applies79 KB (12,408 words) - 13:24, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9853406 (category Article 57 GDPR)the mutual assistance procedure (Article 61 GDPR), The Italian DPA initiated the urgency mechanism in Article 66 GDPR to prohibit Meta’s processing of23 KB (3,429 words) - 09:41, 23 February 2023
- Garante per la protezione dei dati personali (Italy) - 9883613 (category Article 57(1)(f) GDPR)search results be associated with the data subject. According to Article 57 1 f GDPR, the Guarantor does neither find sufficient reason to adopt measures17 KB (2,544 words) - 12:49, 19 June 2023
- AEPD (Spain) - PS/00057/2020 (category Article 7 GDPR)Page 4 4/14Taking into account the above, ESLORA PROYECTOS is not subsumed innone of the cases of compulsory designation included (i) in article 37.1RGPD31 KB (4,757 words) - 13:52, 13 December 2023
- under Article 6(1)(f) GDPR is not a valid legal basis for the processing of cookies. The Italian DPA also held that the controller violated Article 122 of57 KB (9,084 words) - 15:11, 13 July 2022
- AEPD (Spain) - PS/00317/2020 (category Article 13 GDPR)the lack of a privacy and cookie policy on a website infringe Article 13 GDPR and Article 22(2) LSSI? The AEPD decided to impose a fine to the clinic: €31 KB (4,862 words) - 14:28, 13 December 2023
- IP - 07121-1/2020/519 (category Article 57 GDPR)data and a legal basis would be needed according to Article 6 GDPR and the principles of Article 5 GDPR should be respected. The employer who decides that15 KB (2,192 words) - 15:21, 17 March 2022
- Rb. Den Haag - C/09/581706 / HA RK 19-593 (category Article 12(5) GDPR)the same search results on the basis of Article 12 (4) GDPR has been rejected by Google . Article 21 (1) of the GDPR provides that a data subject has the34 KB (5,811 words) - 09:44, 8 December 2020
- data concerning you". According to Art. 7 Para. 4 GDPR and taking into account Art. 4 Z 11 and EG 43 GDPR, consent must be given voluntarily and may not33 KB (5,254 words) - 13:33, 12 May 2023
- AEPD (Spain) - PS-00507-2022 (category Article 4(1) GDPR)were initiated, based on Article 63 and Article 64 LPACAP and an infringement of Article 6(1) GDPR typified in Article 83(5) GDPR. After the proceedings49 KB (7,832 words) - 10:54, 22 January 2024
- AEPD (Spain) - PS/00001/2021 (category Article 5(1)(f) GDPR)enshrined in Article 25 GDPR. Additionally, the AEPD concluded that the controller had violated Article 5(1)(f) GDPR, noting that although the GDPR does not270 KB (43,335 words) - 12:39, 13 December 2023
- CNIL (France) - SAN-2021-003 (category Article 4(1) GDPR)drones equipped with cameras a personal personal data in the sense of Article 4 GDPR ? Did the Ministry of Interior comply with the French Data Protection39 KB (6,015 words) - 17:11, 6 December 2023
- TA Luxembourg - 45717 (category Article 57(1)(f) GDPR)facto dealt with the complaint and did not violate Article 77 GDPR. The Court added that Article 57(f) GDPR does not impose on the DPA an obligation to open58 KB (9,280 words) - 12:38, 28 June 2023
- OLG Naumburg - 9 U 6/19 (category Article 9(1) GDPR)Court found that customers’ order data is health data and fall within Article 9(1) GDPR. Amazon does not collect health data stricto sensu but it can draw32 KB (5,236 words) - 16:00, 10 March 2022
- AEPD (Spain) - PS/00110/2020 (category Article 7 GDPR)Thus, the AEPD understood that the defendant has infringed Article 7 of the GDPR and Article 6(3) of the Spanish Law on Data Protection and Digital Rights32 KB (4,992 words) - 14:00, 13 December 2023
- DSB (Austria) - 2021-0.119.956 (category Article 57(1)(f) GDPR)2 a) Basic information about Article 15 GDPRa) Basic information about Article 15 GDPR Pursuant to Article 15 Para. 1 GDPR, the data subject has the right50 KB (8,021 words) - 15:40, 18 January 2024
- AEPD (Spain) - PS/00348/2020 (category Article 5(1)(a) GDPR)claimant’s signature constitute a breach under the GDPR? The AEPD held that Vodafone violated Article 6(1) GDPR, as they had processed the claimant’s data without38 KB (5,648 words) - 14:31, 13 December 2023
- AEPD (Spain) - EXP202200471 (category Article 5(1)(f) GDPR)the violation of Article 5(1)(f) GDPR and €30,000 for the violation of Article 32 GDPR. According to the national legislation (Article 76(2)(b) LOPDGDDon40 KB (6,014 words) - 13:21, 13 December 2023
- HDPA (Greece) - Opinion 2/2020 (category Article 35(1) GDPR)of Article 6(1)(e) GDPR -public interest and exercise of official authority vested in it, which falls within the exception of Article 9(2)(j) GDPR. It33 KB (5,266 words) - 15:32, 6 December 2023
- APD/GBA (Belgium) - 25/2020 (category Article 5 GDPR)the basis of article 92, 3° of the WOG. 14. The inspection report shall identify potential breaches of Article 5(1). 2 of the AVG, Article 6 of the AVG84 KB (14,035 words) - 16:56, 12 December 2023
- Garante per la protezione dei dati personali (Italy) - 9861249 (category Article 5(1)(a) GDPR)should have applied Article 35 GDPR. In light of the above, the Italian DPA used its corrective powers under Article 58(2)(c) and 83 GDPR and fined the controller87 KB (14,104 words) - 15:45, 6 December 2023
- APD/GBA (Belgium) - 31/2022 (category Article 5(1)(a) GDPR)of his personal data would be based 5. 1, a) GDPR, Article 6, Article 12.1 GDPR and Article 14.1 a) GDPR. 67. Moreover, a controller, in this case defendant84 KB (12,933 words) - 16:46, 12 December 2023
- BVwG - W214 2230473-1 (category Article 57(1)(f) GDPR)Furthermore, Article 24 (2) and (3) of the Data Protection Act is also relevant. Article 4(1), (2) and (7) of the GDPR read: "Article 4 Definitions For53 KB (8,912 words) - 10:08, 10 September 2021
- AEPD (Spain) - PS/00227/2019 (category Article 6(1)(a) GDPR)against the defendant for the alleged infringement of Article 6.1(a) of the RGPD, as defined in Article 83.4 of the RGPD. FOURTH: Upon notification of the above-mentioned36 KB (5,821 words) - 14:20, 13 December 2023
- UODO (Poland) - DKN.5112.7.2020 (category Article 5(1)(a) GDPR)Justification . Pursuant to Article 78 paragraph 1, Article 79 paragraph 1 point 1 and Article 84 paragraph 1 point 1-4 of the Act of 10 May 2018 on the29 KB (4,687 words) - 09:56, 17 November 2023
- APD/GBA (Belgium) - 72/2020 (category Article 5(1)(b) GDPR)membership are in principle prohibited (article 9.1 of the RGPD). The second paragraph of the However, the same article provides for a series of exceptions34 KB (5,677 words) - 17:00, 12 December 2023
- DSB (Austria) - 2022-0.858.901 (category Article 6(1) GDPR)165/1999 as amended: Article 4, Article 5, Article 6, Article 51, Paragraph 1, Article 57, Paragraph 1, Letters a and h, Article 58, Paragraph 1, Letter19 KB (2,904 words) - 12:53, 17 April 2024
- AEPD (Spain) - PS/00474/2020 (category Article 21 GDPR)data subject has exercised their right to object under Article 21 GDPR. In the same way, Article 48(1)(b) of the Spanish General Telecommunications Act38 KB (5,945 words) - 12:14, 9 June 2021
- AEPD (Spain) - PS/00406/2020 (category Article 6(1)(f) GDPR)violation of article 6.1. f) of the RGPD, in relation with article 20.1 c) of the LOPDGDD, typified in article 83.5.a) of the cited GDPR That by writing36 KB (5,582 words) - 14:35, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9698724 (category Article 5(1)(a) GDPR)Guarantor or to ask to be heard by the Authority (Article 166, paragraphs 6 and 7, of the Code; as well as Article 18, paragraph 1, of Law no. . 689 of 11/24/1981)83 KB (13,648 words) - 11:30, 16 August 2022
- AEPD (Spain) - PS/00473/2019 (category Article 5 GDPR)under the powers of investigation granted to the control authorities in article 57.1 of the Regulation (EU) 2016/679 (General Data Protection Regulation35 KB (5,635 words) - 14:41, 13 December 2023
- LSG Niedersachsen-Bremen - L 16 SF 5/21 DS (category Article 77 GDPR)supported by the structure of Article 78 GDPR, which is strictly intertwined with Article 77 GDPR. Indeed, Article 78(2) GDPR provides the data subject with34 KB (5,655 words) - 14:08, 16 May 2023
- AEPD (Spain) - PS/00430/2018 (category Article 4(7) GDPR)( *** POSITION 1) for an infraction of Article 6.1.f) of the GDPR, in accordance with Article 83.5 of the GDPR ”. In the face of it, no allegations have40 KB (6,508 words) - 14:39, 13 December 2023
- AEPD (Spain) - PS-00587-2021 (category Article 4 GDPR)to violation of article 5.1.f) of the GDPR. VII Classification of the violation of article 5.1.f) of the RGPD Article 83.5 of the GDPR provides the following:79 KB (12,131 words) - 15:30, 17 January 2024
- Garante per la protezione dei dati personali (Italy) - 9932951 (category Article 5 GDPR)data controller) to exercise her rights provided for from Article 15 GDPR to Article 22 GDPR but did not receive feedback. On 2 March 2023, the Italian39 KB (6,150 words) - 07:57, 4 October 2023
- VGH München – 5 CS 19.2087 (category Article 4(1) GDPR)paragraph 1a Basic Law Article 5(1), first sentence VIG § 1, § 2, § 3, § 4 para. 4, § 5 para. 1, para. 4 p. 1, § 6 para. 1, para. 3, para. 4 Regulation (EU) 2017/62540 KB (6,397 words) - 08:03, 21 March 2022
- Garante per la protezione dei dati personali (Italy) - 9866622 (category Article 17(1)(c) GDPR)controller twenty days to remedy to the situation, pursuant to Article 58(2)(c) and Article 58(2)(g) GDPR. Share your comments here! Share blogs or news articles23 KB (3,665 words) - 14:05, 4 April 2023
- communication service. Therefore, TikTok had to obtain valid consent (Article 4(11) GDPR) from users before using the identifiers. The DPA stated that it should73 KB (11,864 words) - 17:03, 6 December 2023
- APD/GBA (Belgium) - 12/2019 (category Article 4(11) GDPR)the ePrivacy Directive and Articles 6(1)(a) and 7 GDPR, in the lights of Article 4(11) and Recital 32 GDPR. Following this report, the GBA issued a decision107 KB (17,697 words) - 16:52, 12 December 2023
- Garante per la protezione dei dati personali (Italy) - 9880317 (category Article 5(1)(a) GDPR)6(1)(a) GDPR. The Italian DPA ordered the controller to erase personal data and stop the processing pursuant to Article 58(2)(d) and (f) GDPR. The DPA40 KB (6,513 words) - 13:47, 3 May 2023
- OLG Köln - 20 U 295/21 (category Article 4(1) GDPR)invoked the excessiveness of the request under Article 12(5) GDPR alleging that the data subject uses Article 15 GDPR only to verify the validity of the premium42 KB (6,689 words) - 08:30, 21 November 2022
- AEPD (Spain) - PS/00194/2020 (category Article 6 GDPR)norm therefore by article 19 of the LOPD as business data. We consider relevant the legal basis by which, according to the article Article 65 of the LOPD33 KB (5,338 words) - 14:09, 13 December 2023
- AEPD (Spain) - PS/00180/2020 (category Article 13 GDPR)as per Article 22(2) of the Spanish Law on Information Society Services (LSSI) — amongst others, the Spanish law regulating cookies — and Article 13 of38 KB (5,879 words) - 14:07, 13 December 2023
- APD/GBA (Belgium) - 61/2020 (category Article 5(1)(d) GDPR)pieces also creates aprocessing of personal data within the meaning of Article 4 (2) GDPR.32. However, the Disputes Chamber cannot accept any abuse in this41 KB (6,354 words) - 16:59, 12 December 2023
- CNIL (France) - SAN-2019-001 (category Article 4(11) GDPR)investigations, in accordance with Article 57(1)(a) and (h) of the RGPD. Moreover, the restricted formation notes that Article 80 of the EPMR provides for the90 KB (14,556 words) - 17:08, 6 December 2023
- of the GDPR (Article 57, 1., a) GDPR), and the performance of all other tasks related to the protection of personal data (Article 57, 1., v) GDPR). 16.17 KB (2,310 words) - 12:56, 16 May 2023
- AEPD (Spain) - PS/00416/2019 (category Article 6 GDPR)provisions of article 6 of the LOPDGDD:"Article 6. Treatment based on the consent of the affected party1. In accordance with the provisions of article 4.11 of206 KB (32,869 words) - 14:36, 13 December 2023
- GHSHE - 200.297.497 01 (category Article 16 GDPR)of Article 47 HGEU in relation to Article 22 of Directive 95/46. This article has been seamlessly followed by article 79 GDPR. Pursuant to Article 79 GDPR54 KB (9,028 words) - 11:38, 23 February 2022
- AEPD (Spain) - EXP202208230 (category Article 28(2) GDPR)violation of article 28.2 typified in Article 83.4 a) GDPR. SIXTY THOUSAND EUROS (€60,000) for alleged violation of article 28.3 typified in Article 83.4 a) GDPR45 KB (6,904 words) - 13:12, 13 December 2023
- AEPD (Spain) - PS/00044/2020 (category Article 13 GDPR)of article Article 24.1, and in relation to the obligations referred to in the previous section, The information obligation provided for in Article 5 of39 KB (6,270 words) - 13:51, 13 December 2023
- APD/GBA (Belgium) - 138/2022 (category Article 5(1)(a) GDPR)an infringement of Article 5 (1) a), b) and c) and (2) of the GDPR and Article 24 (1) of the GDPR; and - an infringement of article 8 of the law of 2143 KB (6,274 words) - 08:57, 29 June 2023
- Garante per la protezione dei dati personali (Italy) - 9873408 (category Article 5(1)(a) GDPR)data and in a violation of Article 6 GDPR, as data subjects' consent was not collected in advance. Pursuant to Article 83 GDPR, the Italian DPA fined Razmataz46 KB (7,332 words) - 13:27, 3 May 2023
- BVwG - W298 2269087-1 (category Article 83 GDPR)processing under Article 9 (2) GDPR. The complainant was accused of having, as the person responsible within the meaning of Article 4, Item 7, GDPR, on September52 KB (8,464 words) - 11:50, 26 July 2023
- APD/GBA (Belgium) - 115/2023 (category Article 35 GDPR)read Article 35 GDPR in line with Article 77 GDPR. The DPA interpreted the right to lodge a complaint with a supervisory authority under Article 77 GDPR20 KB (2,909 words) - 06:45, 14 September 2023
- VwGH - Ro 2021/04/0010 (category Article 4 GDPR)in accordance with Article 57 Paragraph 1 Letter h in conjunction with Article 58 Paragraph 1 Letter b and Paragraph 2 Letter a GDPR in conjunction with190 KB (30,999 words) - 10:00, 21 February 2024
- IP (Slovenia) - IP - 07141-10-2023 (category Article 17(1) GDPR)to comply with in accordance with the GDPR. The Slovenian DPA held that the controller violated Article 17(2) GDPR, which regulates the right to be forgotten16 KB (2,454 words) - 16:23, 6 November 2023
- APD/GBA (Belgium) - 02/2021 (category Article 6 GDPR)Compétence de la Chambre de Résolution des Litiges (Article 2 AVG ; Article 4 WOG) 55. Conformément à l'article 2, paragraphe 1, de l'AVG, le règlement s'applique96 KB (15,396 words) - 16:50, 12 December 2023
- UODO (Poland) - DKN.5131.31.2021 (category Article 5(1)(a) GDPR)controller violated Article 33(1) GDPR by failing to inform the DPA of the data breach. Second, the DPA held that the controller violated Article 28(1), (3) and105 KB (17,237 words) - 09:22, 10 May 2023
- AEPD (Spain) - PS/00070/2019 (category Article 4(11) GDPR)referred to Article 5(1)(a) (principle of lawfulness, fairness and transparency), Article 12(1), Article 7, Article 13 and Article 14 GDPR, the corresponding422 KB (70,184 words) - 13:56, 13 December 2023