Search results
From GDPRhub
- Article 58 GDPR (category GDPR Articles) (section (e) Obtain access to personal data and all relevant information)access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction (Article 18 GDPR), notification (Article 19 GDPR) or data46 KB (5,825 words) - 11:12, 7 November 2023
- Article 83 GDPR (category GDPR Articles) (section (6) Non-compliance with orders pursuant to Article 58(2) GDPR)Category:Article 83 GDPR The wording “infringements of this Regulation” in Article 83(1) GDPR is slightly imprecise. In fact, Article 83(5)(d) GDPR also provides55 KB (7,622 words) - 14:04, 7 November 2023
- ANSPDCP (Romania) - President of the Association of Owners Bld. Pipera 1-2E (category Article 83(5)(e) GDPR)deadline. Therefore, the DPA held that the controller violated Article 58(1) and Article 83(5)(e) GDPR. The DPA thus fined the controller €300. The Romanian DPA4 KB (359 words) - 13:39, 2 December 2022
- ANSPDCP (Romania) - Natural Person (category Article 83(5)(e) GDPR)provisions of Article 5(1)(a), 5(1)(f), and Article 6(1)(a) GDPR) and €50 (for violating Article 58(1)(a), 58(1)(e) and Article 83(5)(e) GDPR). Thus, the5 KB (507 words) - 14:47, 5 October 2022
- ANSPDCP (Romania) - 03.01.2023 (category Article 83(5)(e) GDPR)basis in Article 6 GDPR. Neither consent nor any other legal basis were applicable. Consequently, pursuant to the Articles 83(5)(a) and 83(5)(e), the DPA4 KB (503 words) - 15:12, 13 December 2023
- ANSPDCP (Romania) - Association SOS Infertility (category Article 83(5)(e) GDPR)provide information and allow access to personal data according to Article 58(1)(a) and (e) GDPR. The controller did not comply. Since the data controller did3 KB (368 words) - 15:16, 13 December 2023
- ANSPDCP (Romania) - SC C&V Water Control SA (category Article 83(5)(e) GDPR)Control SA violated the GDPR. The DPA highlighted that failing to provide such information upon request was in breach of Article 83(5)(e) in conjuncture with3 KB (351 words) - 15:21, 13 December 2023
- AEPD (Spain) - PS/00090/2020 (category Article 83(5)(e) GDPR)typified in Article 83.5.e) of the RGPD, which considers such as: 'failure to provide access in breach of Article 58(1)'. The same Article states that16 KB (2,462 words) - 13:58, 13 December 2023
- AEPD (Spain) - PS/00155/2021 (category Article 83(5)(e) GDPR)sanction Vodafone in accordance with Article 83(5)(e) GDPR, for the non-compliance with an order pursuant to Article 58(1) GDPR. For this infringement, the AEPD20 KB (2,992 words) - 13:30, 13 December 2023
- AEPD (Spain) - PS/00060/2020 (category Article 83(5)(e) GDPR)infringement of article 83.5.e) of the RGPD, in an initial assessment, the The following factors are considered to be concurrent: - No direct benefits (83.2 k) RGPD23 KB (3,695 words) - 13:53, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9435807 (category Article 83(5)(e) GDPR)non-compliance with this measure, the sanction referred to in Article 83, paragraph 5, letter e) of the Regulation shall be applied at the administrative level58 KB (9,448 words) - 15:50, 6 December 2023
- ANSPDCP (Romania) - Fine against Owners Association from Str. Soporului 17, Cluj-Napoca Municipality (category Article 83(5)(e) GDPR)had violated the provisions of Article 83(5)(e) GDPR, in conjunction with the provisions of Articles 58(1)(a) and (e) GDPR by not granting the information4 KB (409 words) - 14:15, 13 April 2022
- ANSPDCP (Romania) - Das Sense Society SRL (category Article 83(5)(e) GDPR)provide the information requested by the DPA violated Article 58(1) GDPR and Article 83(5)(e) GDPR. In conclusion, the Romanian DPA fined the controller4 KB (421 words) - 16:23, 17 November 2022
- ANSPDCP (Romania) - 06.06.2023 (category Article 83(5)(e) GDPR)Romanian DPA found that the data controller has violated the provisions of Article 83 (5)(e), by not responding to the Romanian DPA's request of information, during3 KB (337 words) - 07:35, 14 June 2023
- ANSPDCP (Romania) - Fine against Megareduceri TV S.R.L (category Article 83(5)(e) GDPR)result, the controller was found in breach of GDPR Article 58(1) and was fined under Article 83(5)(e) GDPR approximately EUR 4,000 (RON 19795.6) and was4 KB (464 words) - 10:50, 17 June 2022
- ANSPDCP (Romania) - Fine against S.C. Dreamtime Call S.R.L. (category Article 83(5)(e) GDPR)responding to the DPA's request for information, Dreamtime Call violated Article 85(3)(e) GDPR. The DPA fined Dreamtime Call approximately €2000 (RON 9.852,2),3 KB (344 words) - 14:55, 15 June 2021
- ANSPDCP (Romania) - Fine against a Property Owners Association (category Article 83(5)(e) GDPR)to provide the requested information, in violation of Articles 83(5)(e) and 58(1)(a) and (e), and asked for the relevant information to be sent within five4 KB (360 words) - 12:52, 26 May 2021
- ANSPDCP (Romania) - Fine against La Santrade S.R.L. (category Article 83(5)(e) GDPR)provisions of art. 83 para. (5) lit. e) of the General Regulation on Data Protection and violation of the provisions of art. 83 para. (5) lit. b) of the General5 KB (537 words) - 13:31, 23 June 2021
- DVI (Latvia) - SIA "Fitsypro" (category Article 83(5)(e) GDPR)liability in Article 83, Clause 5, Sub-paragraph e) of GDPR. 4.9. The official finds that the SIA is guilty of the violation provided for in Article 83, Clause29 KB (4,404 words) - 07:53, 23 August 2023
- UODO (Poland) - DKE.561.25.2020 (category Article 83(5)(e) GDPR)lit. a) and lit. e) and art. 58 sec. 2 lit. i) in connection with Art. 83 sec. 1-3 and art. 83 sec. 4 lit. a) and art. 83 sec. 5 lit. e) Regulation of the28 KB (4,344 words) - 11:02, 22 June 2021
- UODO (Poland) - DKE.561.23.2020 (category Article 83(5)(e) GDPR)2 lit. i), art. 83 sec. 1-3, art. 83 sec. 4 lit. a) and art. 83 sec. 5 lit. e) in connection with Art. 31 and art. 58 section 1 lit. e) Regulation of the33 KB (5,262 words) - 13:02, 16 June 2021
- BDSG, Article 5 GDPR, margin number 56 (C.H. Beck 2020) Resta, in Riccio, Scorza, Belisario, GDPR e Normativa Privacy - Commentario, Article 5 GDPR (Wolters51 KB (6,355 words) - 08:25, 18 April 2024
- required under the GDPR (e.g. from a security perspective under Article 32 GDPR or as a means of data minimisation under Article 5(1)(c) GDPR) can get confused125 KB (16,328 words) - 16:01, 8 March 2024
- Article 32 GDPR (category GDPR Articles)non-material damage. Article 32(1) GDPR reflects the principle of integrity and confidentiality enshrined in Article 5(1)(f) GDPR. The controller and the41 KB (5,197 words) - 12:17, 17 April 2024
- Article 24 GDPR (category Article 24 GDPR) (section Shall implement appropriate technical and organisational measures to ensure GDPR compliance)technical and organisational measures (e.g. Article 25 (1) and (2), Article 28(1), Article 32(1) GDPR, Article 89(1) GDPR). These measures can also be regarded30 KB (3,458 words) - 10:31, 25 April 2024
- Article 7 GDPR (category GDPR Articles)accountability in Article 5(2) GDPR, paragraph (2) specifies further requirements in the general principle of transparency under Article 5(1)(a) GDPR, paragraph31 KB (3,489 words) - 16:00, 8 March 2024
- mechanism referred to in Article 63 GDPR (Article 28(8) GDPR). The Commission has made use of its power under Article 28(7) GDPR and published standard contractual72 KB (9,140 words) - 13:12, 2 June 2023
- Garante per la protezione dei dati personali (Italy) - 9747505 (category Article 5(1)(e) GDPR)decision, subject to an administrative sanction from the Garante under Article 83(5)(e) GDPR if the order is not complied with. Although the decision textually23 KB (3,581 words) - 17:29, 9 March 2022
- all sanctions mentioned in Chapter VIII GDPR, i.e. the damages under Article 82 GDPR and fines under Article 83 GDPR. In any case, should fines for conduct19 KB (1,477 words) - 14:12, 7 November 2023
- AEPD (Spain) - PS/00365/2019 (category Article 58(1)(e) GDPR)violation of article 6.1. RGPD, typified in article 83.5.a), and article 31, in relation to article 58.1.e), both of the RGPD, typified in article 83.5.e) of the86 KB (14,295 words) - 14:32, 13 December 2023
- Article 18 GDPR (category GDPR Articles) (section (d) Objection to processing under Article 21(1) GDPR)contrast to Article 23(1)(e) GDPR, which sets out strict requirements for the Union or Member State's law restricting GDPR rights, Article 18(2) GDPR does not32 KB (3,730 words) - 08:43, 7 March 2024
- Regulation (GDPR): A Commentary, Article 33 GDPR, p. 642-643 (Oxford University Press 2020). According to Bensoussan, the drafting of Article 33 GDPR drew inspiration54 KB (6,536 words) - 08:22, 16 June 2023
- Article 70 GDPR (category Article 70 GDPR)leeway exists only in cases of Article 64(2) GDPR but not the context of Article 70(2) GDPR. According to Article 70(3) GDPR, the EDPB is obligated to “forward27 KB (3,038 words) - 12:19, 11 October 2023
- access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction of processing (Article 18 GDPR), notification obligation44 KB (4,896 words) - 06:25, 16 June 2023
- Article 6 GDPR (category GDPR Articles) (section Tension with Article 5 and 12 GDPR in case of routine reliance on Article 6(4) GDPR)personal data. The entity can rely on Article 6(1)(e) GDPR. Equally to Article 6(1)(c) GDPR, Article 6(2) and (3) GDPR require that Union or Member State108 KB (17,005 words) - 15:39, 18 March 2024
- reliance on Article 6(1)(f) GDPR or at least exercise the right to object under Article 21 GDPR. If the legal basis is Article 6(1)(f) GDPR (i.e. 'legitimate71 KB (9,532 words) - 13:30, 6 March 2024
- Article 57 GDPR (category GDPR Articles) (section (a) Monitor and enforce the application of the GDPR)commentary to Article 60 GDPR, Article 61 GDPR, Article 62 GDPR, Article 63 GDPR, Article 64 GDPR, Article 65 GDPR, Article 66 GDPR and Article 56 GDPR. The SA60 KB (7,796 words) - 20:12, 1 April 2024
- categories of data established in Article 9(2)(a) GDPR, Article 9(2)(c) GDPR, Article 9(2)(g) GDPR and Article 9(2)(i) GDPR directly correlate with a specific44 KB (5,905 words) - 14:00, 24 October 2023
- Article 17 GDPR (category GDPR Articles) (section (i) Erasure following objection under Article 21(1))subject (Article 12(2) GDPR), respond and communicate the measures taken (Article 12(3) and (4) GDPR), the principle of freedom from costs (Article 12(5) GDPR)61 KB (8,488 words) - 15:47, 18 March 2024
- Article 78 GDPR (category GDPR Articles)or infringes the GDPR or any other applicable laws, including national ones. See commentary under Article 77 GDPR. Article 78(1) GDPR establishes both30 KB (3,874 words) - 10:46, 7 December 2023
- between Article 21(3) GDPR and Article 17 GDPR on the right to erasure must be considered. The tight relationship between Article 21(3) and Article 17(1)(c)49 KB (5,993 words) - 06:22, 16 June 2023
- UODO (Poland) - DKE.561.20.2022 (category Article 58(1)(e) GDPR)pursuant to Article 83(5)(e) GDPR. Second, the DPA considered the non-compliance with the summons to breach breach of Article 58(1)(a) and (e) GDPR. The delay43 KB (6,878 words) - 10:55, 10 January 2024
- Article 15 GDPR (category GDPR Articles) (section Additional information under Article 15(1)(a) to (h))further details see Article 14(1)(d) GDPR. Similar to the ex-ante information in Article 13(1)(e) and 14(1)(e) GDPR, Article 15(1)(c) GDPR requires the controller73 KB (9,896 words) - 15:46, 18 March 2024
- with Article 13, Article 14 GDPR gives expression to the principle of transparency enshrined in Article 5(1)(a) GDPR and further defined in Article 12 GDPR47 KB (5,644 words) - 17:49, 5 March 2024
- Article 12 GDPR (category GDPR Articles) (section (5) Free of charge and manifestly unfounded or excessive requests)are dealt with in Article 12(6) GDPR. It is unclear why Article 12(2) GDPR refers to Articles 15 to 22 GDPR, while Article 11(2) GDPR only refers to Articles76 KB (11,304 words) - 08:37, 4 March 2024
- Article 16 GDPR (category GDPR Articles)However, Article 5(1)(d) GDPR gives the controller some leeway to continue processing inaccurate data - see more details under Article 5(1)(d) GDPR. Article23 KB (2,489 words) - 23:24, 6 March 2024
- Article 39 GDPR (category GDPR Articles) (section (d)(e) Cooperatian with the supervisory authority)from any of the GDPR’s protections. → You can find all related decisions in Category:Article 39 GDPR Just as Article 38 GDPR, Article 39 GDPR also shows similarities23 KB (2,165 words) - 15:10, 27 July 2023
- situation, Article 95 GDPR will not be relevant, and the GDPR applies as normal. Notably, Recital 173 GDPR, which relates to Article 95 GDPR, omits reference20 KB (1,539 words) - 08:21, 19 October 2023
- requirements of data minimization (Article 5(1)(c) GDPR) and storage limitation (Article 5(1)(e) GDPR). Under Article 30(1)(f) GDPR, where possible, the controller31 KB (3,327 words) - 15:31, 5 June 2023
- resolution mechanism under Article 65 GDPR in connection with Article 63 GDPR is triggered (Article 60 (4) GDPR). Article 60(2) GDPR clarifies that also in35 KB (4,017 words) - 16:04, 18 March 2024
- Protection Regulation (GDPR), Article 75 GDPR, p. 1105 (Oxford University Press 2020). Dix, in Kühling, Buchner, DS-GVO BDSG, Article 75 GDPR, margin number 620 KB (1,347 words) - 14:21, 17 October 2023
- Article 25 GDPR (category GDPR Articles)affected since, under Article 28(1) GDPR, a controller shall only use processors providing the same standards under Article 25 GDPR. Manufacturers or producers43 KB (4,675 words) - 06:43, 16 June 2023
- accountability obligation enshrined in Article 5(2) GDPR. This theory is not totally convincing. In light of Article 5(2) GDPR, a reversal of burden of proof for33 KB (4,215 words) - 09:57, 19 March 2024
- Article 77 GDPR (category GDPR Articles)compliance with the GDPR under Article 58(2)(d) GDPR or even ban it under Article 58(2)(f) GDPR. Therefore, complaints under Article 77 GDPR should extend to33 KB (3,641 words) - 09:51, 19 March 2024
- Article 46 GDPR (category GDPR Articles) (section (e) Approved code of conduct pursuant to Article 40)access (Article 15 GDPR), rectification (Article 16 GDPR), deletion (Article 17 GDPR), restriction of processing (Article 18 GDPR), objection (Article 21 GDPR)34 KB (3,646 words) - 08:53, 27 March 2023
- to in Article 42(5) and approved by the supervisory authority which is competent pursuant to Article 55 or 56 or by the Board pursuant to Article 63; (c)22 KB (1,634 words) - 14:40, 28 July 2023
- Article 87 GDPR (category Article 87 GDPR)process them. This was already the case under Article 8(7) of the DPD, the precursor of Article 87 GDPR. In many Member States, the processing of NIN and15 KB (660 words) - 09:37, 1 December 2023
- Article 74 GDPR (category Article 74 GDPR)See e.g. Articles 64(5), 65(5), 64(7) and 64(8) GDPR. Docksey, in Kuner et al., The EU General Data Protection Regulation (GDPR), Article 74 GDPR, p. 109915 KB (808 words) - 09:44, 17 October 2023
- Article 36 GDPR (category GDPR Articles) (section (5) Member state law may provide for stricter requirements)processing (Article 36(3)(c) GDPR); the contact details of the Data Protection Officer (DPO) (Article 36(3)(d) GDPR); a copy of the DPIA (Article 36(3)(e) GDPR)31 KB (3,646 words) - 08:51, 21 July 2023
- Article 90 GDPR (category Article 90 GDPR)Scorza, Belisario, GDPR e normativa privacy – Commentario, Article 90 GDPR, p. 662 (Wolters Kluwer 2018). Piltz in Gola DS-GVO, Article 90 GDPR, margin numbers18 KB (1,599 words) - 12:26, 29 April 2022
- Article 49 GDPR (category GDPR Articles) (section (e) Necessary for the Establishment, Exercise or Defence of Legal Claims)adequacy decision pursuant to Article 45 GDPR shall be used, when it exists; second, appropriate safeguards under Article 46 GDPR, such as binding corporate29 KB (3,500 words) - 08:54, 27 March 2023
- to in point (d) of Article 46(2) and in Article 28(8); (e) aims to authorise contractual clauses referred to in point (a) of Article 46(3); or (f) aims23 KB (2,079 words) - 16:07, 2 November 2023
- legitimate purpose(s) (Article 5(1)(b)); lawfulness of processing (Article 6); adequate, relevant and limited to what is necessary data (Article 5(1)(c)); limited52 KB (7,297 words) - 08:05, 18 July 2023
- Article 66 GDPR (category Article 66 GDPR)month to a request for mutual assistance (Article 61(8) GDPR) or to a request of joint operations (Article 62(7) GDPR). On 12 July 2021, the EDPB adopted an20 KB (1,590 words) - 16:11, 2 November 2023
- ng, Article 62 GDPR, margin number 11 (Beck 2018, 2nd edition). Riccio, Scorza, Belisario, GDPR e normativa privacy – Commentario, Article 62 GDPR (Wolters22 KB (1,915 words) - 13:46, 15 January 2024
- Press 2020). Spiecker et al., GDPR Article-by-Article Commentary (2023), p 1090. Spiecker et al., GDPR Article-by-Article Commentary (2023), p 1090. CJEU22 KB (2,177 words) - 10:01, 19 March 2024
- Article 69 GDPR (category Article 69 GDPR)proposed amendments to the GDPR (pursuant to Article 70(1)(b) GDPR). Although not explicitly mentioned in Article 69(2) GDPR, the requirement that the Board18 KB (1,327 words) - 12:36, 14 December 2023
- categories of data under Article 9 GDPR or data relating to criminal convictions and offences under Article 10 GDPR. Article 37(2) GDPR allows for the designation43 KB (4,904 words) - 12:59, 21 July 2023
- Article 98 GDPR (category Article 98 GDPR)accordance with Article 98'. → You can find all related decisions in Category:Article 98 GDPR The CJEU has yet to rule on Article 98 GDPR. Nonetheless, the15 KB (943 words) - 09:58, 8 November 2023
- Article 47 GDPR (category GDPR Articles)Category:Article 47 GDPR Kuner, in Kuner, Bygrave, Docksey, The EU General Data Protection Regulation (GDPR) Update of Selected Articles, Article 68 GDPR, p29 KB (2,823 words) - 15:15, 28 April 2022
- clear from the wording of Article 41(1) GDPR. Article 41(1) GDPR does not define accreditation. Nonetheless, Article 41(2) GDPR provides a criterion against30 KB (2,720 words) - 14:02, 28 July 2023
- Article 50 GDPR (category GDPR Articles)exchange of knowledge between them. This way, Article 50 GDPR expands the exhortation under Article 57(1)(g) GDPR that calls for cooperation between EU DPAs17 KB (1,142 words) - 15:41, 28 April 2022
- Article 92 GDPR (category Article 92 GDPR) (section (2) Delegation of power under Article 12(8) and 43(8) GDPR)objections pursuant to Article 92(5) GDPR. Article 92(5) GDPR imposes a further condition for the delegation of power, in line with Article 290(2)(b) TFEU. A19 KB (1,525 words) - 08:18, 19 October 2023
- Commentary, Article 38 GDPR, p. 707 (Oxford University Press 2020). Bergt, in Kühling, Buchner, DS-GVO BDSG, Article 38 GDPR, margin number 20 (C.H. Beck29 KB (2,951 words) - 14:19, 25 July 2023
- Article 91 GDPR (category Article 91 GDPR) (section Rules that are comprehensive and in line with the GDPR)protection law as enshrined in Article 5 GDPR must be complied with, and that the rights of the data subjects as found in the GDPR must also be available under25 KB (2,482 words) - 10:04, 19 March 2024
- Article 55 GDPR (category GDPR Articles)which would be competent under Article 55(1) GDPR, as provided in Article 56 GDPR in connection with Article 60 GDPR. For more information see commentary35 KB (3,971 words) - 21:34, 1 April 2024
- Article 85 GDPR (category Article 85 GDPR) (section Scope of the exceptions within the GDPR framework)into force of the GDPR. Spiecker et al., GDPR Article-by-Article Commentary (2023), p 1073. Spiecker et al., GDPR Article-by-Article Commentary (2023)33 KB (3,748 words) - 14:25, 7 November 2023
- Article 11 GDPR (category GDPR Articles) (section (1) If the data subject is not identified, the GDPR applies in part)limited to, security of processing (Article 32(1) GDPR) and the general principles of processing set out in Article 5 GDPR. In confirming the above interpretation20 KB (1,854 words) - 16:32, 8 March 2024
- excluded, as Article 54(1)(e) GDPR addresses the question of reappointment. Therefore, the GDPR assumes a limited term for the position. Article 54(1)(e) GDPR34 KB (3,649 words) - 13:19, 30 October 2023
- Article 40 GDPR (category GDPR Articles) (section (3) Controllers and processors that are not subject to the GDPR)requirements. Although Article 40(5) GDPR mentions that the competent DPA will be determined through the application of Article 55 GDPR, the GDPR does not provide44 KB (5,008 words) - 14:50, 28 July 2023
- Article 2 GDPR (category GDPR Articles)elements in Article 2(1) are fulfilled, the GDPR applies unless the processing falls under one of the exemptions named in Article 2(2)(a) to (d) GDPR. The first34 KB (4,652 words) - 12:07, 12 November 2023
- the GDPR (Article 3)’, 12 November 2019 (Version 2.1), p. 6 (available here). EDPB, ‘Guidelines 3/2018 on the territorial scope of the GDPR (Article 3)’37 KB (4,635 words) - 13:29, 24 October 2023
- Article 26 GDPR (category GDPR Articles)protection principles (Article 5), determination of the legal basis for processing (Article 6), implementation of security measures (Article 32), notification37 KB (3,915 words) - 12:49, 24 May 2023
- Article 20 GDPR (category GDPR Articles)consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1); and (b) the processing is40 KB (5,349 words) - 07:05, 1 June 2023
- Article 72 GDPR (category Article 72 GDPR)from the fact that, according to Article 68(3) GDPR, the Commission is not a member of the EDPB. Secondly, Article 68(5) GDPR explicitly states that the Commission22 KB (2,266 words) - 08:26, 17 October 2023
- Article 1 GDPR (category GDPR Articles)limit the application of the GDPR. You can find further details about the territorial scope in Article 3 GDPR. According to Article 1(2), the Regulation generally28 KB (3,831 words) - 16:21, 14 March 2024
- controller is subject, under Article 6(1)(c) GDPR. In line with the general objectives of the GDPR, as outlined in Article 1 GDPR Article 16 TFEU, SAs are also27 KB (2,604 words) - 14:24, 16 January 2024
- Article 22 GDPR (category GDPR Articles)and interpretation as in Article 22(3) GDPR. → You can find all related decisions in Category:Article 22 GDPR Article 20 of GDPR proposal, COM(2012) 11 final31 KB (4,768 words) - 06:24, 16 June 2023
- with the support of the EDPB in accordance with Article 70(1)(b) GDPR. According to Article 45(5) GDPR, the continued monitoring referred to in paragraph43 KB (5,641 words) - 14:58, 28 April 2022
- processing), Article 57 GDPR (tasks of SAs), Article 58 GDPR (powers of SAs), as well as Article 65 GDPR (dispute resolution by the board), Article 63 GDPR (consistency55 KB (7,446 words) - 22:28, 1 April 2024
- explicit wording of Article 81 GDPR does not limit its application to proceedings instigated either under Article 78 GDPR or Article 79 GDPR. Secondly, the27 KB (2,619 words) - 14:52, 16 November 2023
- Article 34 GDPR (category GDPR Articles)meaning Recital 86 GDPR). However, Article 34 GDPR does not provide a specific deadline of 72 hours as is the case in Article 33 GDPR. Instead, timelines37 KB (3,962 words) - 15:20, 16 June 2023
- senate of 15. Dezember 1983 - 1 BvR 209/83, 1 BvR 269/83, 1 BvR 362/83, 1 BvR 420/83, 1 BvR 440/83, 1 BvR 484/83 (in DE) (Abstract in EN) - ECLI:DE:BVerfG:1983:rs1983121518 KB (1,831 words) - 13:49, 3 November 2022
- Article 89 GDPR (category Article 89 GDPR)Hence, Article 89(2) and (3) GDPR also allow for specific derogation to the GDPR for these purposes, as further detailed below. Article 89(1) GDPR provides29 KB (3,695 words) - 13:44, 21 March 2024
- of such processing (see Article 5(1)(b) GDPR), the requirement to have a legitimate basis laid down by law (see Article 6(1) GDPR), the right to access and48 KB (5,978 words) - 15:57, 1 February 2024
- BlnBDI (Berlin) - C-807/21 - Deutsche Wohnen (category Article 83 GDPR)necessary. For the intentional infringement of Article 25(1) GDPR and Article 5(1)(a), (c), and (e) GDPR, the authority imposed a pecuniary penalty of €147 KB (936 words) - 16:39, 12 December 2023
- CNIL (France) - SAN-2020-012 (category Article 4(7) GDPR)the fine, the criteria specified in the same article 83. 111. Article 83 of the GDPR, as referred to in Article 20, paragraph III, of the Data Protection93 KB (14,936 words) - 17:09, 6 December 2023
- Personvernnemnda (Norway) - 2021-20 (20/01648) (category Article 5(1)(a) GDPR)Appeals Board assessed if a fine could be imposed as per Article 83(5) GDPR, cf. Article 83(2) GDPR, and in which case, how large it should be. The Board31 KB (5,018 words) - 18:44, 5 March 2022
- CNIL (France) - SAN-2019-005 (category Article 5(1)(e) GDPR)violates Article 32 GDPR. Retaining personal data of an applicant for a lease after another applicant has been selected also violates Article 5(1)(e) GDPR41 KB (6,558 words) - 17:09, 6 December 2023
- Datatilsynet (Norway) - 20/02136 (category Article 3(2) GDPR) (section Special categories of data under Article 9 GDPR)elements. Infringement of Article 6 and 9 GDPR qualifies for the maximum amount for administrative fines as set out in Article 83(5) GDPR: 20,000,000 € or 4%18 KB (2,375 words) - 16:17, 6 December 2023
- IMY (Sweden) - DI-2020-11373 (category Article 44 GDPR)According to Article 83.5 c of the data protection regulation, in the event of a violation of, among other things, article 44 in accordance with 83.2 administrative113 KB (12,773 words) - 15:20, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9870832 (category Article 5 GDPR)art. 83, par. 5, letter. e), of the Regulation; CONSIDERING, on the basis of the foregoing, that the prerequisites for the application of art. 5, paragraph14 KB (2,049 words) - 07:46, 1 August 2023
- AEPD (Spain) - PS/00240/2019 (category Article 5(1)(b) GDPR)given that Article 6(1), Article 5(1)(a), Article 5(1)(d), Article 5(1)(c), and Article 14 GDPR were infringed in connection to Article 5(1)(b), the AEPD602 KB (102,229 words) - 14:21, 13 December 2023
- EDPB - Binding Decision 3/2022 - 'Meta (Facebook)' (category Article 5 GDPR)criteria provided for by Article 83(2) GDPR and ensuring it is effective, proportionate and dissuasive in line with Article 83(1) GDPR. Adopted 117 10 BINDING53 KB (8,413 words) - 14:10, 30 January 2023
- LG Berlin - (526 OWi LG) 212 Js-OWi 1/20 (1/20), 526 OWiG LG 1/20 (category Article 83(5) GDPR)violating Article 5(1)(c) and Article 5(1)(e) GDPR. The DPA of Berlin fined Deutsche Wohnen SE for violating Article 5(1)(c) and Article 5(1)(e) GDPR, because36 KB (5,810 words) - 13:09, 21 January 2022
- EDPB - Binding Decision 1/2021 - 'WhatsApp' (category Article 5(1)(a) GDPR) (section Additional infringement of Article 13(2)(e) GDPR)several paragraphs of Article 83 of the GDPR, as further summarised below. Fining of the ‘gravest infringement’. Article 83(3) GDPR provides that “[i]f a29 KB (4,384 words) - 16:00, 6 December 2023
- UODO (Poland) - ZSPR.421.2.2019 (category Article 83(5)(a) GDPR)relation to Article 5(1)(a) and (f), Article 5(2), Article 6(1), Article 7(1), Article 24(1), Article 25(1), Article 32(1)(b), (c), (d), (d), (e) and (f)71 KB (11,304 words) - 10:01, 17 November 2023
- EDPB - Urgent Binding Decision 01/2023 (category Article 6(1)(f) GDPR)advertising purposes on the basis of Article 6(1)(b) GDPR and Article 6(1)(f) GDPR, pursuant to Article 58(2)(f) GDPR, to be effective one week after notification346 KB (48,181 words) - 16:39, 12 December 2023
- HDPA (Greece) - 33/2020 (category Article 5 GDPR)presenting the principles of data processing of Article 5(1) GDPR, underlined that, based on Article 5(2) GDPR, it is the data processor's responsibility to20 KB (2,270 words) - 15:37, 6 December 2023
- HDPA (Greece) - 18/2020 (category Article 5(1)(a) GDPR)as the obligation of accountability by article.5 par.2 GDPR, i.e. it violated fundamental principles of the GDPR on the protection of personal data. 8.12 KB (1,733 words) - 15:34, 6 December 2023
- already has the information. Art. 83 para. 5 lit. a GDPR: Article 83: General conditions for the imposition of fines [...] 5. Fines of up to EUR 20 000 00092 KB (15,435 words) - 16:00, 22 March 2022
- AEPD (Spain) - EXP202105680 (category Article 83(5)(a) GDPR)with article 83.5.a) of the RGPD and for the purposes of prescription in the article 72.1.e) of the LOPDGDD. -13, in accordance with article 83.5.a) of66 KB (10,558 words) - 13:14, 13 December 2023
- Personvernnemnda (Norway) - 2021-03 (category Article 5(1)(a) GDPR)manager who received all of A's e-mails picked out company-related e-mails and forwarded private e-mails to A's private e-mail address. In the relevant period25 KB (4,046 words) - 18:37, 5 March 2022
- Tietosuojavaltuutetun toimisto (Finland) - TSV/26/2020 (category Article 5(1)(e) GDPR)violated Article 5(1)(e) GDPR and Article 25(2) GDPR. As a result, the DPA issued a reprimand to the controller in accordance with Article 58(2)(b) GDPR. Pursuant77 KB (12,352 words) - 07:20, 23 April 2024
- AEPD (Spain) - EXP202203969 (category Article 83(5)(a) GDPR)hereinafter, LPACAP), for the alleged infringement of Article 6.1 of the GDPR, typified in Article 83.5 of the GDPR. SEVENTH: Notification of the aforementioned45 KB (7,135 words) - 13:08, 13 December 2023
- AEPD (Spain) - EXP202209511 (category Article 83(5) GDPR)LPACAP), for the alleged violation of Article 6.1 and 13 of the RGPD, typified in the Article 83.5 of the GDPR. FIFTH: The database of this organization22 KB (3,257 words) - 13:28, 13 December 2023
- IMY (Sweden) - DI-2020-11397 (category Article 44 GDPR)According to Article 83.5 c of the data protection regulation, in the event of a violation of, among other things, article 44 in accordance with 83.2 administrative121 KB (13,722 words) - 15:16, 5 July 2023
- AEPD (Spain) - EXP202209001 (category Article 83(5)(a) GDPR)te, LPACAP), for the alleged violation of Article 5.1.c) of the RGPD, typified in the Article 83.5 of the GDPR. C/ Jorge Juan, 6 www.aepd.es 28001 – Madrid22 KB (3,303 words) - 13:28, 13 December 2023
- AEPD (Spain) - PS/00451/2019 (category Article 6(1)(f) GDPR)regard to article 83.2 (k) of the RGPD, the LOPDGDD, article 76, "Sanctions and corrective measures", provides: "2. In accordance with Article 83(2)(k) of26 KB (4,231 words) - 14:44, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 8493/161/21 (category Article 5(1)(a) GDPR)the controller had violated Article 5(1)(a) GDPR, Article 12 GDPR, Article 13 GDPR, Article 15 GDPR and Article 25(1) GDPR. As a result, the DPA issued52 KB (7,936 words) - 22:32, 2 March 2024
- CNPD (Portugal) - Deliberação 2022/1072 (category Article 83(5)(a) GDPR)therefore violated Articles 9(1) GDPR out of negligence. The DPA fined the controller €1,600,000 pursuant of Article 83(5)(a) GDPR and considered this a high163 KB (27,222 words) - 16:54, 6 December 2023
- AEPD (Spain) - EXP202205932 (category Article 83(5) GDPR)basis under Article 6(1) GDPR. In light of this, the DPA issued a fine of €70,000 to másLUZ Energía (SIE) by virtue of Article 83(5) GDPR for unlawful32 KB (4,952 words) - 13:11, 13 December 2023
- AEPD (Spain) - EXP202202164 (category Article 83(5) GDPR)with NIF ***NIF.1, for the alleged violation of Article 13 of the RGPD, typified in Article 83.5 of the GDPR. SECOND: APPOINT R.R.R. as instructor. and, as29 KB (4,482 words) - 14:06, 5 March 2024
- Garante per la protezione dei dati personali (Italy) - 9852214 (category Article 5 GDPR)in particular of children was in breach of Article 5, Article 6, Article 8, Article 9, and Article 25 GDPR. Consequently, the DPA urgently imposed upon36 KB (5,598 words) - 10:15, 8 February 2023
- AEPD (Spain) - EXP202205104 (category Article 6(1) GDPR)claimed party, for the alleged infringement of Article 6.1 of the GDPR, typified in Article 83.5 of the GDPR. FIFTH: Notification of the Commencement Agreement26 KB (4,147 words) - 13:27, 13 December 2023
- AEPD (Spain) - EXP202210525 (category Article 6(1) GDPR)claimed party, for the alleged infringement of article 6 of the GDPR, typified in article 83.5 of the GDPR. FOURTH: On January 16, 2023, the aforementioned22 KB (3,427 words) - 13:26, 13 December 2023
- Datatilsynet (Norway) - 20/01790 (category Article 5(1)(a) GDPR)disclosing personal data from a surveillance footage, thus breaching Article 5(1)(a) GDPR and Article 6. The company appealed to the Norwegian Privacy Appeals Board49 KB (7,646 words) - 07:56, 7 March 2022
- AEPD (Spain) - EXP202201721 (category Article 83(5)(a) GDPR)the violation of the GDPR: violation of article 6.1, violation typified in its article 83.5.a). IV Secondly, article 32 of the GDPR “Security of processing”79 KB (12,408 words) - 13:24, 13 December 2023
- AEPD (Spain) - EXP202206626 (category Article 83(5) GDPR)provisions of the article 5.1.c) of the RGPD, so they involve the commission of an infraction classified in Article 83.5.a) of the GDPR, which provides the35 KB (5,475 words) - 13:21, 13 December 2023
- HDPA (Greece) - 31/2023 (category Article 5(1)(c) GDPR)with the principles of article 5 par. 1 GDPR. It is no coincidence that the GDPR includes accountability (see Article 5 para. 2 GDPR) in the regulation of61 KB (10,257 words) - 10:15, 1 November 2023
- APD/GBA (Belgium) - 53/2020 (category Article 5(1)(a) GDPR)been taken up again at Article 5.1(b) of the GDPR under the Principles for the Processing of Personal Data (Chapter II). 16. Article 5.1(b) of the GDMP provides35 KB (5,853 words) - 16:58, 12 December 2023
- AEPD (Spain) - EXP202105344 (category Article 6(1) GDPR)claimed party, for the alleged infringement of Article 6.1 of the RGPD, typified in Article 83.5 of the GDPR. FIFTH: Notification of the aforementioned start-up22 KB (3,319 words) - 13:00, 13 December 2023
- APD/GBA (Belgium) - 81/2020 (category Article 5(1)(c) GDPR)they are processed (article 5.1 e) of the GDPR). 8.1.4. As for breaches of Articles 5.2. and 24 of the GDPR 88. Article 24.1 of the GDPR which covers Chapter127 KB (21,484 words) - 17:01, 12 December 2023
- AEPD (Spain) - EXP202206735 (category Article 6 GDPR)is established in article 6 of the GDPR, for which they suppose the commission of an offense classified in article 83.5 of the GDPR, which gives rise to75 KB (12,421 words) - 13:23, 13 December 2023
- UODO (Poland) - DKN.5131.6.2020 (category Article 33(1) GDPR)as Article 57 (1) (a), Article 58 (2) (e) and (i), Article 83 (1) - (3) and Article 83 (4) (a) in connection with Article 33 (1) and Article 34 (1), (2)66 KB (10,785 words) - 10:00, 17 November 2023
- Court of Appeal of Brussels - 2019/AR/1600 (category Article 5(1)(c) GDPR)infringements of Article 5.1.c) and Article 6.1 AVG. In particular, the Disputes Chamber found that relevant that: - the infringed Article 5.1.c) AVG contains60 KB (9,144 words) - 16:17, 22 March 2022
- AEPD (Spain) - PS/00001/2021 (category Article 5(1)(f) GDPR)for the violation of Article 5(1)(f) GDPR and Article 5(2) GDPR. The AEPD considered that the fine was proportional, since the GDPR establishes that fines270 KB (43,335 words) - 12:39, 13 December 2023
- APD/GBA (Belgium) - 21/2022 (category Article 5(1)(f) GDPR) (section Accountability (Article 24 GDPR), data protection by design and by default (Article 25 GDPR), integrity and confidentiality (Article 5(1)(f) GDPR), as well as security of processing (Article 32 GDPR))meaning that no violation of Article 5(1)(e) GDPR could be established. Integrity and confidentiality - Article 5(1)(f) GDPR As explained above, the DPA429 KB (58,279 words) - 09:12, 2 November 2022
- CNIL (France) - SAN-2020-009 (category Article 5(1)(a) GDPR)determining the amount of the fine, the criteria specified in the same article 83.'' 79. L’article 83 du RGPD prévoit : ''1. Each supervisory authority shall ensure48 KB (7,404 words) - 17:09, 6 December 2023
- CNIL (France) - SAN-2020-014 (category Article 9 GDPR)same article 83. 40. Article 83 of the GDPR provides: 1. Each supervisory authority shall ensure that administrative fines imposed under this Article for26 KB (4,050 words) - 17:10, 6 December 2023
- CNPD (Luxembourg) - Délibération n° 20FR/2021 (category Article 38(1) GDPR)analyzes the criteria by Article 83.2 of the GDPR: - As to the nature and seriousness of the violation [article 83.2 a) of the GDPR], with regard to breaches66 KB (9,458 words) - 19:42, 4 September 2021
- Garante per la protezione dei dati personali (Italy) - 9860529 (category Article 9 GDPR)right to privacy. Health data are sensitive data covered by Article 9 GDPR. According to Article 137 of the Italian Data Protection Code, health data can16 KB (2,354 words) - 15:45, 6 December 2023
- AEPD (Spain) - PS/00188/2019 (category Article 5(1)(f) GDPR)infringement of Article 5.1.f) of the RGPD typified in Article 83.5.a) of the RGPD and considered very serious, for the purposes of prescription, in Article 72.139 KB (6,623 words) - 14:08, 13 December 2023
- IMY (Sweden) - DI-2020-11368 (category Article 44 GDPR)2023-06-30 According to article 83.5 c of the data protection regulation, in the event of a violation of among article 44 in accordance with 83.2 administrative115 KB (12,842 words) - 08:38, 5 July 2023
- AEPD (Spain) - EXP202203617 (category Article 5(1)(c) GDPR)violation of Article 6 of the GDPR, typified in Article 83.5.a) of the GDPR, and classified as very serious for the purposes of prescription in article 72.1.b)74 KB (11,726 words) - 13:02, 13 December 2023
- Helsingin hallinto-oikeus (Finland) - 3620/2023 (category Article 5(1)(a) GDPR)the GDPR. In light of this, the Court agreed with the DPA that the controller had violated Article 5(1)(a) GDPR, Article 12 GDPR, Article 13 GDPR, Article22 KB (3,193 words) - 10:34, 29 February 2024
- AEPD (Spain) - EXP202102430 (category Article 83(4) GDPR)by article 32.1 of the Regulation (EU) 2016/679. (…) V Without prejudice to the provisions of article 83.5 of the RGPD, the aforementioned article provides33 KB (4,835 words) - 13:26, 13 December 2023
- APD/GBA (Belgium) - 37/2020 (category Article 17 GDPR)conjunction with Article 56(5), read in conjunction with Article 56(6), read in conjunction with Article 56(7), read in conjunction with Article 56(8). in conjunction131 KB (22,429 words) - 16:57, 12 December 2023
- IMY (Sweden) - DI-2020-11370 (category Article 44 GDPR)relevance. According to article 83.5 c of the data protection regulation, in the event of a violation of among article 44 in accordance with 83.2 administrative131 KB (14,752 words) - 08:36, 5 July 2023
- AEPD (Spain) - EXP202201746 (category Article 83(5) GDPR)violation of article 5.1.f) of the GDPR SAW The violation of article 5.1.f) of the RGPD implies the commission of the violations typified in article 83.5 of the62 KB (9,703 words) - 13:05, 13 December 2023
- AEPD (Spain) - EXP202105644 (category Article 5(1)(f) GDPR)the provided for in article 58.2.b) of the RGPD, for the alleged infringement of article 5.1.f) of the RGPD, typified in article 83.5.a) of the RGPD. SECOND:27 KB (4,121 words) - 15:06, 13 December 2023
- CNIL (France) - SAN-2019-010 (category Article 5(1)(c) GDPR)shall take into account the criteria set out in Article 83 of Regulation (EU) No 2016/679. Article 83 of the RGPD provides for : 1. Each enforcement authority62 KB (10,001 words) - 17:09, 6 December 2023
- entitled to erasure under Article 17(1)(d) GDPR, as the data processing was not lawful. In any case, the requirements of Article 6 GDPR were no longer met 651 KB (8,215 words) - 09:55, 13 May 2022
- CJEU - C‑340/21 - Natsionalna agentsia za prihodite (category Article 5 GDPR)pursuant to Article 82 GDPR. According to the Advocate General’s opinion, even if the notion of damages should be interpreted broadly, Article 82 GDPR implies13 KB (1,963 words) - 11:04, 5 January 2024
- APD/GBA (Belgium) - 31/2020 (category Article 5(1)(c) GDPR)fail to adhere to the data transparency (Article 5(1)(a) GDPR) and the data minimisation (Article 5(1)(c) GDPR) principles? Was the defendant required to48 KB (7,926 words) - 16:56, 12 December 2023
- UODO (Poland) - ZSPU.421.3.2019 (category Article 5(1)(e) GDPR)provided for in Article 5(1)(a), (e) and (f), Article 5(2), Article 24(1) and (2), Article 28(3), Article 30(1)(d) and (f) and Article 32(1) of the General58 KB (9,357 words) - 10:02, 17 November 2023
- Datatilsynet (Norway) - 20/02375 (category Article 6(1)(f) GDPR)rating, breaching Article 6(1) GDPR, and required the company to implement a policy for conducting credit ratings per Article 24 GDPR. A person lodged a40 KB (5,943 words) - 18:54, 5 March 2022
- HDPA (Greece) - 6/2020 (category Article 5 GDPR)conferred on it by the provisions of Article 58 of the GDPR and Article 15 of Law 4624/2019. 2. As Article 5 of the GDPR defines the processing principles29 KB (4,557 words) - 15:33, 6 December 2023
- HDPA (Greece) - 4/2020 (category Article 5(2) GDPR)violating Article 15(1) and (4) GDPR as well as the principle of accountability pursuant to Article 5(2) GDPR. The complainant requested twice via e-mail all18 KB (2,865 words) - 15:33, 6 December 2023
- CNIL (France) - SAN-2022-025 (category Article 4(11) GDPR)fine, the criteria specified in the same Article 83." 112. Under Article 83 of the GDPR, as referred to in Article 20(III) of the Data Protection Act: "182 KB (13,463 words) - 17:03, 6 December 2023
- AEPD (Spain) - PS/00341/2019 (category Article 21 GDPR)against the respondent, for the alleged infringement of Article 5.1.d) of the RGPD, typified in Article 83.5 of the RGPD. SIXTH: On October 28, 19, written allegations26 KB (4,032 words) - 14:31, 13 December 2023
- HDPA (Greece) - 2/2020 (category Article 12(4) GDPR)to as ‘GDPR’), which replaced Directive 95/56, has been applicable since 25 May 2018. In accordance with the provisions of Article 15 (1) GDPR, the data12 KB (1,773 words) - 15:33, 6 December 2023
- CNIL (France) - SAN-2021-023 (category Article 56 GDPR) (section The material competence of the CNIL and the non-application of the "one-stop shop" mechanism provided for by the GDPR)all" button be considered a breach of GDPR Article 4(11) and Article 7, read in conjunction with GDPR Article 5(3) -Privacy while the data controller gives120 KB (19,650 words) - 09:00, 6 April 2022
- UODO (Poland) - DKN.5131.5.2020 (category Article 83(1) GDPR)subjects, according to Article 33(1) GDPR and Article 34(1) GDPR? The PUODO held that the insurance company infringed the GDPR provisions, failing to notify47 KB (7,608 words) - 10:00, 17 November 2023
- CNPD (Portugal) - Deliberação 2021/1569 (category Article 5(1)(e) GDPR)under Article 5 (1)(e)GDPR, the duty to provide information under Article 13 GDPR, and the obligation to carry out a DPIA under Article 35(3)(b) GDPR. The11 KB (1,491 words) - 16:54, 6 December 2023
- AEPD (Spain) - PS/00278/2019 (category Article 83(5) GDPR)lack of valid consent under Article 6(1)(a) GDPR. Thus, it imposed VODAFONE a fine of EUR 75,000 under Article 83(5) GDPR, being indecisive whether there23 KB (3,672 words) - 14:25, 13 December 2023
- AEPD (Spain) - PS/00095/2020 (category Article 83(5) GDPR)by the alleged violation of Article 5.1(f) of the GDPR, Article 5.1(b) of the GDPR, as set out in Article 83.5 of the GDPR. FOURTH: On 10 June 2020, the15 KB (2,317 words) - 13:59, 13 December 2023
- UODO (Poland) - DKN.5130.1354.2020 (category Article 83(5)(a) GDPR)the obligations set out in Article 24 (1), Article 25 (1), Article 32 (1 ) (b ) and (d) and Article 32 (2), both Article 83 sec. 4 lit. a regulation 2016/67974 KB (11,513 words) - 09:58, 17 November 2023
- Garante per la protezione dei dati personali (Italy) - 9361186 (category Article 83(5) GDPR)i) and 83 of the RGPD and Article 166 of the Code, has the corrective power to "impose a pecuniary administrative sanction pursuant to Article 83, in addition31 KB (5,041 words) - 15:49, 6 December 2023
- AEPD (Spain) - PS/00070/2019 (category Article 5 GDPR)referred to Article 5(1)(a) (principle of lawfulness, fairness and transparency), Article 12(1), Article 7, Article 13 and Article 14 GDPR, the corresponding422 KB (70,184 words) - 13:56, 13 December 2023
- APD/GBA (Belgium) - 36/2021 (category Article 5(1) GDPR)approved appeal of Article 5(1)(a), Article 12(1), Article 13(1) and Article 13(2). The appeal for Article 5(1)(c), Article 6(1) and Article 8 GDPR was not approved62 KB (9,417 words) - 16:57, 12 December 2023
- Personvernnemnda (Norway) - 2022-14 (20/02368) (category Article 83(1) GDPR)is whether, according to the Personal Protection Ordinance, Article 83 No. 5, cf. Article 83 No. 2, an infringement fee must be imposed for a breach of26 KB (4,039 words) - 09:08, 20 January 2023
- specified in Article 83 of the GDPR. 92. 92. Firstly, the restricted formation emphasises that, in this case, the criterion provided for in Article 83(2)(a) of73 KB (11,864 words) - 17:03, 6 December 2023
- AEPD (Spain) - PS/00086/2020 (category Article 83(5) GDPR)constitute a violation of Article 5 (1) (f) of the RGPD? For infringing Article 5(1)(f) GDPR, in conjunction with Article 72(1)(a) LOPDGDD, the Spanish14 KB (2,017 words) - 13:57, 13 December 2023
- CE - N° 433311 (category Article 5(1)(e) GDPR)company for faulty website security (article 32 GDPR) and violation of the storage limitation principle (article 5(1)(e) GDPR). After a complaint in 2018, the18 KB (2,677 words) - 09:50, 10 September 2021
- NAIH (Hungary) - NAIH/2020/34/3 (category Article 83(2)(a) GDPR)Under Article 83 (2), (5) and (7) of the General Data Protection Regulation: '... 2. Administrative fines shall be imposed in accordance with Article 58 (2)48 KB (7,727 words) - 10:11, 17 November 2023
- Court of Appeal of Brussels - 2020/AR/1333 (category Article 5(1)(a) GDPR)c of the GDPR} d) Any violation committed by the controller or processor (article 83.2.e of the GDPR} e) The degree of cooperation established with the51 KB (7,792 words) - 11:43, 24 January 2022
- Garante per la protezione dei dati personali (Italy) - 9542096 (category Article 83(5) GDPR)a violation of Article 12(3) in relation to Article 15 GDPR. The Garante hence applied an administrative fine as per Article 83(5) GDPR. The amount of21 KB (3,092 words) - 15:54, 6 December 2023
- AEPD (Spain) - PS/00266/2019 (category Article 83(2)(e) GDPR)with the provisions of article 58.2.b) of the RGPD, for the alleged infringement of article 13 of the RGPD, typified in article 83.5.b) of the RGPD SECOND:28 KB (4,459 words) - 14:23, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9529527 (category Article 83(5)(b) GDPR)stakeholders did not follow the security principles as per Article 5(1)(f) GDPR (ed.: the decision actually reads 5(2)(f)), highlighting ‘the absence of an assessment55 KB (8,833 words) - 15:54, 6 December 2023
- UODO (Poland) - ZSZZS.440.768.2018 (category Article 83(5)(a) GDPR)connection with Article 5 paragraph 1 point c, Article 9 paragraph 1, Article 58 paragraph 2 point f, point g and point i and with Article 83 paragraph 2 and32 KB (5,139 words) - 10:02, 17 November 2023
- AEPD (Spain) - PS/00269/2019 (category Article 83(5) GDPR)with a reprimand under Article 83(5) and required them to bring their processing in line with the requirements in Article 5(1)(f) GDPR in order to prevent30 KB (4,761 words) - 14:24, 13 December 2023
- AEPD (Spain) - PS/00436/2019 (category Article 83(5) GDPR)LPACAP), for the alleged infringement of Article 58. 1 of the RGPD, typified in Article 83.5 of the RGPD. 2/5 SIXTH: The aforementioned agreement to commence14 KB (2,123 words) - 14:40, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9446730 (category Article 5(1)(e) GDPR)months to two years; in any case, the sanction set forth in article 83, paragraph 5, letter e) of the Regulation may be applied at administrative level.34 KB (5,420 words) - 15:51, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9445324 (category Article 5(1)(a) GDPR)for in Article 83, paragraph 5, of the Regulation applicable, pursuant to Article 58, paragraph 2, letter i), of the Regulation itself and Article 166, paragraph19 KB (2,989 words) - 15:51, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9779057 (category Article 83(5) GDPR)therefore held that the controller violated Article 5(f) (principles of integrity and confidentiality) and Article 9 by communicating personal data, including63 KB (9,916 words) - 11:28, 16 August 2022
- UODO (Poland) - DKE.561.2.2020 (category Article 58(1)(e) GDPR)connection with Article 31, Article 58(1)(e) in connection with Article 83(1-3) and Article 83(5)(e) of Regulation 2016/679 of the European Parliament and of27 KB (4,390 words) - 09:50, 17 November 2023
- UODO (Poland) - DKE.561.13.2020 (category Article 58(1)(e) GDPR)Protection, pursuant to Article 83(3) and Article 83(4)(a) and Article 83(5)(e) of Regulation 2016/679, in conjunction with Article 103 of the Personal Data27 KB (4,446 words) - 09:51, 17 November 2023
- UODO (Poland) - ZSOŚS.421.25.2019 (category Article 5(1)(e) GDPR)confidentiality of personal data (Article 5 (1) (f) of Regulation 2016/679) or rules for limiting data storage (Article 5 (1) (e) of Regulation 2016/679), resulting156 KB (25,012 words) - 10:01, 17 November 2023
- AEPD (Spain) - PS/00069/2020 (category Article 83(5) GDPR)the processing of personal data (83 (2) (k) GDPR); the fact that basic personal identifiers are affected (83 (2) (g) GDPR); the intentionality or negligence20 KB (3,066 words) - 13:55, 13 December 2023
- AEPD (Spain) - PS/00075/2020 (category Article 83(5)(a) GDPR)respondent: a) for the alleged infringement of Article 6.1.a) of the GDPR, sanctioned in accordance with the Article 83.5.a) of the aforementioned RGPD and, b)31 KB (4,909 words) - 13:56, 13 December 2023
- AEPD (Spain) - PS/00117/2022 (category Article 83(5) GDPR)(hereinafter, LPACAP), for the alleged violation of article 6 of the RGPD, typified in article 83.5 of the GDPR. SIXTH: On June 30, 2022, the claimed party presented30 KB (4,623 words) - 12:58, 13 December 2023
- DSB (Austria) - 2020-0.111.488 (category Article 83(5)(a) GDPR)(Datenschutzbehörde - DSB) held that the doctor had violated Article 5(1)(a) GDPR and Article 9(1) and (2) GDPR as the patients had not given their ecplicit consent8 KB (1,048 words) - 13:50, 12 May 2023
- AEPD (Spain) - PS/00320/2020 (category Article 83(5) GDPR)described violates article 6.1. of the RGPD and is subsumable in the sanctioning type of the article 83.5.a, of the RGPD. IV Article 72.1.b) of the LOPDGDD18 KB (2,736 words) - 14:28, 13 December 2023
- AEPD (Spain) - PS/00104/2020 (category Article 5(1)(f) GDPR)defendant is defined in Articles 83.4.a) and 83.4.b) respectively. 83.5.a) of the RGPD, precepts that they establish: Article 83.4: "Violations of the following36 KB (6,022 words) - 13:59, 13 December 2023
- AEPD (Spain) - PS/00079/2020 (category Article 83(5)(a) GDPR)paragraph k) of Article 83.2 of the RGPD, the LOPDGDD, Article 76, "Sanctions and corrective measures", it provides: "In accordance with Article 83(2)(k) of Regulation20 KB (3,301 words) - 13:57, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9861827 (category Article 5(1)(a) GDPR)violated Article 12 GDPR, as it did not facilitate the data subject´s exercise of their rights, especially the right to erasure under Article 17 GDPR. In view87 KB (14,525 words) - 15:45, 6 December 2023
- AEPD (Spain) - PS/00484/2020 (category Article 6(1)(a) GDPR)A.U., with NIF A80907397, for the alleged violation of article 6.1. GDPR typified in article 83.5.a) of the aforementioned RGPD. 1. APPOINT D. B.B.B. as27 KB (4,189 words) - 14:44, 13 December 2023
- AEPD (Spain) - EXP202102088 (category Article 83(5)(b) GDPR)claimed party, for the alleged infringement of article 13 of the RGPD, typified in article 83.5 of the GDPR. FIFTH: After the period granted for the formulation26 KB (3,881 words) - 13:35, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9509515 (category Article 83(5) GDPR)for in art. 83, par. 5, letter e) of the Regulation. Pursuant to Article 78 of the Regulation, as well as Article 152 of the Code and Article 10 of Legislative33 KB (5,342 words) - 15:52, 6 December 2023
- AEPD (Spain) - PS/00340/2019 (category Article 83(5) GDPR)infraction of Article 6.1.a) of the RGPD, typified in Article 83.5 of the RGPD, a penalty of APPRECIATION, in accordance with the provisions of Article 58.2 RGPD23 KB (3,554 words) - 14:31, 13 December 2023
- AEPD (Spain) - PS/00348/2020 (category Article 83(5)(a) GDPR)the infringement - Article 83(2)(b) - and the fact that the infringement involved the “basic identifiers” of the claimant - Article 83(2)(g) - to be aggravating38 KB (5,648 words) - 14:31, 13 December 2023
- AEPD (Spain) - PS/00279/2020 (category Article 83(5) GDPR)fine of € 5 000 for the violation of Article 6 GDPR and € 4 000 for the violation of article 13, under the power conferred by Article 83(5) GDPR. Share your21 KB (3,123 words) - 14:25, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9435753 (category Article 83(5) GDPR)by Wind Tre a breach of Articles 5, 6 and 24 GDPR? Was the processing by Wind Tre in violation of Articles 5 and 6 GDPR? Was the information provided by129 KB (21,020 words) - 15:49, 6 December 2023
- UODO (Poland) - DKE.561.16.2020 (category Article 31 GDPR)Protection, pursuant to Article 83(3) and Article 83(4)(a) and Article 83(5)(e) of Regulation 2016/679, in conjunction with Article 103 of the Personal Data28 KB (4,490 words) - 09:51, 17 November 2023
- AEPD (Spain) - PS/00220/2020 (category Article 83(5)(a) GDPR)for the alleged infractions of the article 5.1 d) and 17 of the RGPD, infractions typified in article 83.5 a) and 83.5 b) of the RGPD and classified as very28 KB (4,295 words) - 14:11, 13 December 2023
- AEPD (Spain) - PS/00085/2021 (category Article 6(1)(a) GDPR)violation of article 6.1. GDPR typified in article 83.5.a) of the aforementioned RGPD. 1. APPOINT Mr. D.D.D. as instructor. and as secretary to Mrs. E.E.E., indicated28 KB (4,350 words) - 13:57, 13 December 2023
- LG Bonn - 29 OWi 1/20 (category Article 83(1) GDPR)states that the party concerned violated Article 83(4)(a) GDPR in conjunction with [Article 32(1) GDPR. Article 32 (1) GDPRby failing, at least with gross58 KB (9,577 words) - 08:06, 16 September 2021
- AEPD (Spain) - EXP202105333 (category Article 6(1) GDPR)hereinafter, LPACAP), for the alleged infringement of Article 6.1 of the GDPR, typified in Article 83.5 of the GDPR. SIXTH: On October 13, 2022, DIGI requests the49 KB (7,973 words) - 13:25, 13 December 2023
- AEPD (Spain) - PS/00324/2020 (category Article 83(5)(a) GDPR)criteria stated in Article 83(5)(a) GDPR. In imposing the fine, the AEPD factored in accordance with Article 83(2) GDPR and Article 76 LOPDGDD the following25 KB (3,670 words) - 14:28, 13 December 2023
- AEPD (Spain) - PS/00402/2019 (category Article 83 GDPR)with NIF A85850394, for the presumed infringement of Article 6.1 of the RGPD typified in Article 83.5 a) of the aforementioned RGPD". opting for a penalty15 KB (2,327 words) - 14:34, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9451734 (category Article 5(1)(c) GDPR)c) and e) GDPR. Lastly, they carried out a dissemination of sensitive data - i.e. disabilities of the students - of vulnerable subjects (i.e. minors)24 KB (3,697 words) - 15:52, 6 December 2023
- AEPD (Spain) - EXP202200439 (category Article 83(5)(a) GDPR)particular case; SAW Both the infringement of article 9 and article 6 of the RGPD, are found provided for in article 83.5 a) of the RGPD where it is established36 KB (5,608 words) - 13:01, 13 December 2023
- AEPD (Spain) - PS/00043/2020 (category Article 83(5) GDPR)procedure to the claimed, by the alleged infringement of article 13 of the RGPD, typified in article 83.5 of the RGPD. SEVENTH: Once the aforementioned commencement24 KB (3,838 words) - 13:51, 13 December 2023
- Datatilsynet (Norway) - 20/02191 (category Article 5(1)(f) GDPR)processing special categories of data, cf. Article 32(1)(b) GDPR, Article 32(1)(d), Article 24 and Article 35, cf. Article 5. In May 2019, a municipality reported38 KB (5,967 words) - 11:48, 7 May 2022
- AEPD (Spain) - PS/00200/2020 (category Article 83(2)(b) GDPR)punishable under Article 83(4)(a) GDPR. Assessing the circumstances that modify the responsibility contemplated in Article 83(2) GDPR, in this case, the30 KB (4,833 words) - 14:10, 13 December 2023
- AEPD (Spain) - EXP202204881 (category Article 6(1) GDPR)the LPACAP, for the alleged infringement of Article 6.1 of the GDPR, typified in Article 83.5 of the GDPR. SIXTH: On January 23, 2023, DIGI requests a55 KB (9,017 words) - 10:46, 13 December 2023
- AEPD (Spain) - PS/00189/2020 (category Article 58(2) GDPR)claimed party, for the alleged infraction of the Article 58.2 of the RGPD, typified in Article 83.5 e) of the RGPD. Said agreement was notified through22 KB (3,343 words) - 14:08, 13 December 2023
- AEPD (Spain) - PS/00278/2020 (category Article 5(1)(a) GDPR)images, in violation of Article 5(1)(a) GDPR? The Spanish DPA (AEPD) found that the defendant's conduct violated Article 5(1)(a) GDPR, as a broader principle28 KB (4,592 words) - 14:25, 13 December 2023
- AEPD (Spain) - PS/00408/2019 (category Article 58(2) GDPR)Page 4 4/5IIIThis infraction is typified in article 83.5.e) of the RGPD, which considers as such: “ nofacilitate access in breach of article 58, paragraph12 KB (1,812 words) - 14:35, 13 December 2023
- NAIH (Hungary) - NAIH/2020/3479 (category Article 5(1)(d) GDPR)suspension. " 5 Pursuant to Article 83 (2), (5) and (7) of the General Data Protection Regulation: “[...] administrative fines in accordance with Article 58 (2)30 KB (4,563 words) - 10:12, 17 November 2023
- AEPD (Spain) - PS/00452/2019 (category Article 83(5)(a) GDPR)GPRD), an offense under Article 83(5)(a) of the GPRD and described as very serious in article 72.1. a) of Organic Law 3/2018 of 5 December, on Protection25 KB (4,037 words) - 14:55, 13 December 2023
- AEPD (Spain) - PS/00099/2022 (category Article 83(5) GDPR)alleged infringement of Article 5.1.f) of the RGPD, typified in Article 83.5 of the RGPD, and Article 32 of the RGPD, typified in article 83.4 of the RGPD Once38 KB (5,920 words) - 12:43, 13 December 2023
- AEPD (Spain) - PS/00483/2020 (category Article 5(1)(f) GDPR)established by Article 5(1)(f) GDPR? Was there a personal data breach? The AEPD considered that there was an infringement of Article 5(1)(f), as there32 KB (4,834 words) - 14:43, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9445180 (category Article 5(1)(e) GDPR)Articles 5, paragraph 1, letter a), c) and e), 12, 13, 15 of the Regulation, the outcome of the proceedings referred to in Article 166, paragraph 5 conducted34 KB (5,414 words) - 15:50, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9440075 (category Article 5(1)(a) GDPR)with art. 5 and 6 of the GDPR? The DPA held that Regione Campania violated art 5(1)(a)(c), art. 6(1)(c)(e), art. 6(2) and art. 6(3)(b) GDPR, and concluded27 KB (4,339 words) - 15:50, 6 December 2023
- CNPD (Portugal) - Deliberação 2022/140 (category Article 5(1)(e) GDPR)each; ii. 0a misdemeanour, p. e p. by Article 5(1)(e) in conjunction with Article 5(1)(e) a) Article 83.0.5, both of the GDPR, will be sanctioned with a fine75 KB (12,306 words) - 10:02, 21 December 2022
- AEPD (Spain) - PS/00287/2020 (category Article 5(1)(f) GDPR)established by Article 5(1)(f) GDPR? Was there a personal data breach? The AEPD considered that there was an infringement of Article 5(1)(f), as there32 KB (4,837 words) - 14:26, 13 December 2023
- VDAI (Lithuania) - VDAI vs UAB Prime Leasing (category Article 83(2)(a) GDPR)to the present case for infringement of Article 24 and/or Article 32 of the GDPR (Article 83(2)(e) of the GDPR). The company cooperated with the SDPI during37 KB (4,319 words) - 09:20, 17 November 2023
- ICO - Monetary Penalty on Ticketmaster UK Limited (category Article 5(1)(f) GDPR)cannot be squared with the evidence.e" 5.5.5 Further: 5.5.5.1 At §§18-23, Ticketmaster submitted that it had met its GDPR obligations by establishing "adequate130 KB (21,195 words) - 13:52, 25 April 2021
- AEPD (Spain) - PS/00449/2019 (category Article 83(5) GDPR)with NIF G08564379, an infringement of article 5.1.b) GDPR, typified in Article 83.5 GDPR, in relation to Article 72.1 a) of the LOPDGDD, a fine of 500019 KB (2,862 words) - 14:43, 13 December 2023
- AP (The Netherlands) - 09.04.2021 (category Article 83(5) GDPR)of Article 12(1) GDPR. The AP outlined that, in the event of an infringement of Article 12(1) of the GDPR, pursuant to Article 58(2)(i) and Article 83(5)12 KB (1,616 words) - 17:08, 12 December 2023
- DSB (Austria) - 2020-0.550.322 (category Article 83(5)(a) GDPR)other legal basis for processing under Article 6 GDPR, the controller had violated Article 5(1)(a) and Article 6(1) GDPR. Taking into account the low income26 KB (4,098 words) - 13:51, 12 May 2023
- AEPD (Spain) - PS/00351/2019 (category Article 58(2)(c) GDPR)the offence referred to in Article 83 (5) (e) of the GDPR, which will be sanctioned in accordance with Article 58 (2) GDPR. oepd LEGAL BASIS I By virtue17 KB (2,739 words) - 14:31, 13 December 2023
- LfDI (Baden-Württemberg) - O 1018/115 (category Article 83(1) GDPR)accordance with Article 32 paragraph 1 letter a DSGVO. The unsecured passwords are personal data, since these passwords, the associated user names and e-mail addresses13 KB (1,926 words) - 10:22, 17 November 2023
- AEPD (Spain) - PS/00275/2019 (category Article 83(5) GDPR)LPACAP), for the alleged infringement of Article 5.1(f) of the GDPR, as defined in Article 83.5(a) of the GDPR. FOURTH: Having been notified of the above-mentioned21 KB (3,335 words) - 14:25, 13 December 2023
- AEPD (Spain) - EXP202206302 (category Article 83(5)(a) GDPR)sanctioning procedure, under Article 83(5)(a) of the GDPR, against AAA on 21 December 2022, due to a infringement of Article 6. AAA was the father of the28 KB (4,608 words) - 13:27, 13 December 2023
- Datatilsynet (Norway) - 18/02579 (category Article 5(1)(f) GDPR)subsequent violations of Article 32(1)(b) GDPR and Article 32(1)(d) GDPR and of the principle of accountability as foreseen in Article 5(2) GDPR read in conjunction41 KB (6,337 words) - 18:52, 5 March 2022
- APD/GBA (Belgium) - 10/2019 (category Article 5(1)(e) GDPR)been taken up in Article 5(1)(b) of the GDPR under the Principles relating to the processing of personal data (Chapter II). Article 5(1)(b) of the RGPD32 KB (5,190 words) - 16:51, 12 December 2023
- Garante per la protezione dei dati personali (Italy) - 9446659 (category Article 5(1)(a) GDPR)i) and 83 of the RGPD and Article 166 of the Code, has the corrective power to "impose a pecuniary administrative sanction pursuant to Article 83, in addition25 KB (3,911 words) - 15:51, 6 December 2023
- AEPD (Spain) - EXP202204530 (category Article 83(5)(b) GDPR)of €10,000.00. claimed, for the violation of article 6.1 of the RGPD, typified in article 83.5.a) of the GDPR. C/ Jorge Juan, 6 www.aepd.es 28001 – Madrid26 KB (3,971 words) - 13:26, 13 December 2023
- AEPD (Spain) - PS/00093/2019 (category Article 5(1)(f) GDPR)violation of Article 5.1.f) of the RGPD, an action that can be subsumed under the sanctioning type of article 83.5 of the RGPD. IV Article 58 of the RGPD37 KB (5,995 words) - 13:58, 13 December 2023
- UODO (Poland) - DKE.561.1.2020 (category Article 58(1)(e) GDPR)the Council in the context of Article 31, Article 58(1)(e) in conjunction with Article 83(1) to (3) and Article 83(5)(e) of Regulation 2016/679 of the31 KB (5,101 words) - 09:52, 17 November 2023
- UODO (Poland) - DKN.5131.31.2021 (category Article 5(1)(a) GDPR)above-mentioned art. 83 sec. 4 lit. a) of Regulation 2016/679, while for violation of Art. 5 sec. 1 lit. a) Regulation 2016/679 - pursuant to art. 83 sec. 5 lit. (a)105 KB (17,237 words) - 09:22, 10 May 2023
- AEPD (Spain) - PS/00182/2020 (category Article 6(1) GDPR)parties (article 83.2.k, of the RGPD in relation to article 76.2.b, of the LOPDGDD). The balance of the circumstances contemplated in article 83.2 of the21 KB (3,154 words) - 14:07, 13 December 2023
- IMY (Sweden) - DI-2021-5595 (category Article 5(1)(f) GDPR)show that the basics the principles of Article 5 of the Data Protection Regulation are complied with (Article 5 (2)). The person responsible for personal47 KB (5,207 words) - 18:51, 21 March 2022
- CNIL (France) - SAN-2020-008 (category Article 5(1)(e) GDPR)same Article 83. 181. Article 83 of the RGPD provides : 1. Each control authority shall ensure that administrative fines imposed under this Article for104 KB (16,646 words) - 17:09, 6 December 2023
- AEPD (Spain) - EXP202104875 (category Article 5(1)(f) GDPR)of the article 5.1.f) of the RGPD, infringement typified in its article 83.5.a) of the aforementioned regulation. IV. Article 83.5 a) of the GDPR, considers54 KB (8,451 words) - 13:35, 13 December 2023
- AEPD (Spain) - PS/00201/2019 (category Article 83(5)(b) GDPR)with the provisions of article 58.2.b) of the RGPD, for the alleged infringement of article 14 of the RGPD, typified in article 83.5.b) of the RGPD. In that54 KB (9,019 words) - 14:10, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9440000 (category Article 5(1)(c) GDPR)administrative sanction provided for in Article 83, paragraph 5, of the Regulation applicable, pursuant to Article 58, paragraph 2, letter i), of the Regulation24 KB (3,852 words) - 15:50, 6 December 2023
- AEPD (Spain) - PS/00415/2019 (category Article 6(1) GDPR)regard to Article 83.2 (k) of the RGPD, the LOPDGDD, Article 76, "Sanctions and corrective measures", provides: "2. In accordance with Article 83(2)(k) of22 KB (3,521 words) - 14:36, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 47FR/2021 (category Article 5(1)(c) GDPR)the number of data subjects (Article 83.2.a) of the GDPR), the As for the number of data subjects (Article 83.2.a) of the GDPR), the Panel notes that these69 KB (11,315 words) - 13:30, 19 January 2022
- Court of Appeal of Brussels - 2021/AR/163 (category Article 83 GDPR)information obligation provided for a / 'article 14, §5, (c) of the GDPR. (...) Pursuant to article 14, §5, (c) of the GDPR, the responsibility for processing72 KB (11,389 words) - 08:59, 20 August 2021
- AEPD (Spain) - EXP202204631 (category Article 5(1)(f) GDPR)comes regulated in article 32 of the GDPR. II Article 5.1.f) of the GDPR Article 5.1.f) of the GDPR establishes the following: "Article 5 Principles relating36 KB (5,485 words) - 13:19, 13 December 2023
- UODO (Poland) - ZSPR.421.3.2018 (category Article 14 GDPR)disproportionate pursuant to Art. 14 par. 5 lit. b GDPR? The President of UODO found that: 1) The applicable provision is the Art. 14 GDPR since the data controller collects52 KB (8,444 words) - 10:01, 17 November 2023
- Personvernnemnda (Norway) - 2022-13 (21/00481) (category Article 5(1)(f) GDPR)controller) about €352,555 (NOK 4,000,000) for violating Article 5(1)(f) GDPR, Article 24 GDPR and Article 32 GDPR after a serious ransomware attack led to highly45 KB (6,913 words) - 12:13, 15 March 2023
- AEPD (Spain) - PS/00139/2020 (category Article 83(5) GDPR)with NIF A80907397, for the alleged infringement of Article 5.1.d) of the RGPD as defined in article 83.5.a) of the aforementioned RGPD. To appoint Mr. B.B20 KB (3,086 words) - 14:04, 13 December 2023
- AEPD (Spain) - PS/00010/2020 (category Article 83(5) GDPR)pursuant to Article 83(5), the AEPD stated that Articles 83(2)(b) (the "unintentional but signficant negligent" character of the infringement) and 83(2)(g) (the22 KB (3,523 words) - 13:45, 13 December 2023
- UODO (Poland) - DKE.561.17.2020 (category Article 58(1)(e) GDPR)Entrepreneur - based on Article 83(5)(e) of Regulation 2016/679, in connection with the Entrepreneur's violation of Article 31 and Article 58(1)(e) of Regulation22 KB (3,364 words) - 09:52, 17 November 2023
- AEPD (Spain) - PS/00405/2019 (category Article 6(1) GDPR)significant (Article 83(2)(b) GDPR). - basic personal identifiers were affected (name, identification number, the line identifier) (Article 83(2)(g) GDPR). The24 KB (3,887 words) - 14:34, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 18/FR/2022 (category Article 5(1)(b) GDPR)elements provided for in Article 83.2 of the GDPR: - As to the nature and seriousness of the violation (Article 83.2.a) of the GDPR), it is that with respect76 KB (11,147 words) - 16:58, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9468523 (category Article 5(1) GDPR)identity "(Article 4, par. 1, 1, of the GDPR). The processing of personal data must also take place in compliance with the principles indicated in art. 5 of the22 KB (3,488 words) - 15:52, 6 December 2023
- AEPD (Spain) - PS/00262/2020 (category Article 5(2) GDPR)(hereinafter, LPACAP), for the alleged violation of Article 6.1 of the RGPD, typified in Article 83.5 a) of the RGPD. FOURTH: Once the aforementioned commencement22 KB (3,293 words) - 14:23, 13 December 2023
- UODO (Poland) - DKE.561.11.2020 (category Article 58(2)(e) GDPR)and Article 57(1)(a), Article 83(1)-(2) and Article 83(6) in connection with Article 58(2)(e) and (i) of the Regulation of the European Parliament and46 KB (7,322 words) - 09:51, 17 November 2023
- VDAI - VDAI vs VĮ Registrų centras (category Article 83(2)(a) GDPR)violation committed by the Center of Registers listed in Article 83(2) (b), (c), (e), (f) and (h) GDPR, i. e. the absence of intent, the efforts made to restore8 KB (999 words) - 09:16, 17 November 2023
- AEPD (Spain) - PS/00058/2020 (category Article 5(1)(f) GDPR)for the alleged violation of article 5.1f) of the RGPD in relation to the Article 5 of the LOPDGDD, typified in article 83.5 a) of the RGPD. C / Jorge Juan28 KB (4,619 words) - 13:53, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 4282/161/21 (category Article 5(1)(f) GDPR)controller had violated Article 5(1)(f) GDPR, Article 17(1) GDPR, Article 25(1) GDPR, Article 32(1) GDPR and Article 32(2) GDPR. As a result, the DPA issued56 KB (8,980 words) - 08:47, 4 March 2024
- AEPD (Spain) - EXP202206825 (category Article 6(1) GDPR)party was charged with claimed a violation of article 5.1.c) of the RGPD, typified in article 83.5.a) of the GDPR; considering that capturing images of shared31 KB (4,864 words) - 13:27, 13 December 2023
- AEPD (Spain) - PS/00209/2019 (category Article 83(2) GDPR)question. THIRD:By letter dated 18/01/19, in the context of Cases E/08257/2018, E/0482/2019 and E/2463/2019, the entity complained against provided the Agency26 KB (4,212 words) - 14:10, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9698724 (category Article 5(1)(a) GDPR)i), and 83, para. 4 and 5, of the same Regulation, as also referred to by art. 166, paragraph 2, of the Code. 5. Corrective measures (Article 58, par.83 KB (13,648 words) - 11:30, 16 August 2022
- AEPD (Spain) - PS/00247/2019 (category Article 32(2) GDPR)transmission by e-mail to at least one employee of the entity - infringes Article 32. 2 and 32.4 of the RGPD, an infringement punishable under Article 83.4.a of39 KB (6,720 words) - 14:22, 13 December 2023
- IMY (Sweden) - DI-2019-9457 (category Article 32(1) GDPR)show that the basics the principles of Article 5 of the Data Protection Regulation are complied with (Article 5 (2) of the Regulation). The person responsible43 KB (4,600 words) - 17:08, 23 March 2022
- AEPD (Spain) - PS/00356/2020 (category Article 6(1) GDPR)claimed by violation of article 83.5.a) of the RGPD, it is essential to examine and assess whether The circumstances described in article 83.2 of the RGPD concur26 KB (3,848 words) - 14:31, 13 December 2023
- AEPD (Spain) - PS/00423/2019 (category Article 13 GDPR)out in article 83.5.b) of the RGPD: -The claimed entity does not have previous infringements (83.2 e) RGPD). -It has not obtained direct benefits (83.2 k)23 KB (3,636 words) - 14:38, 13 December 2023
- Datatilsynet (Norway) - 20/02274 (category Article 5(1)(e) GDPR)fundamental principles of the GDPR, notably Article 5(1)(a) and (e) GDPR. The DPA found violations of various provisions of the GDPR. It held that the controller47 KB (7,661 words) - 18:54, 5 March 2022
- NAIH (Hungary) - NAIH-2020/2204/8 (category Article 83(2) GDPR)statement of the Debtor [Article 83 (2) (k) GDPR]; - the processing did not affect specific categories of personal data [Article 83 (2) GDPR paragraph (g)]; -60 KB (9,820 words) - 10:08, 17 November 2023
- Garante per la protezione dei dati personali (Italy) - 9445550 (category Article 83(5) GDPR)amount of the fine under Article 83(2) GDPR. The data subjects complains about the violation of its right of access (Article 15 GDPR) by the Istituto Nazionale22 KB (3,478 words) - 15:51, 6 December 2023
- BVwG - W258 2217446-1 (category Article 5(1) GDPR)personal data under Article 9(1) GDPR. Their processing would require the data subjects' explicit consent under Article 9(2)(a) GDPR and § 151(4) GewO,79 KB (12,652 words) - 09:41, 10 September 2021
- UODO (Poland) - DKN.5130.2024.2020 (category Article 5(1)(f) GDPR)Art. 5 sec. 1 lit. f), art. 24 sec. 1, art. 25 sec. 1, art. 28 sec. 1 and 3 and article. 32 sec. 1 and 2, as well as art. 83 sec. 1 - 3, art. 83 sec. 475 KB (12,104 words) - 09:58, 17 November 2023
- AEPD (Spain) - PS/00425/2019 (category Article 5(1)(f) GDPR)of an infringement of Article 5 (1) (f) of the GDPR under (74345679) (f) of the GDPR, as set out in Article 83 (5) (a) of the GDPR. SECOND: To notify this14 KB (2,140 words) - 14:39, 13 December 2023
- AEPD (Spain) - PS/00235/2020 (category Article 6(1) GDPR)(hereinafter, LPACAP), for the alleged violation of Article 6.1 of the RGPD, typified in Article 83.5 of the RGPD. FIFTH: Once the aforementioned start-up24 KB (3,766 words) - 14:21, 13 December 2023
- AEPD (Spain) - PS/00219/2019 (category Article 83(5)(a) GDPR)>>) " The violation of article 5.1.d) of the RGPD is typified in article 83.5 of Regulation (EU) 2016/679 in the following terms: "5. Violations of the following37 KB (5,785 words) - 14:11, 13 December 2023
- AEPD (Spain) - PS/00433/2020 (category Article 58(2)(c) GDPR)typified in article 83.5.e) of the RGPD, in an initial assessment,the following factors are considered concurrent:- Has not obtained direct benefits (83.2 k)23 KB (3,592 words) - 14:40, 13 December 2023
- Persónuvernd (Island) - 2022020363 (category Article 5 GDPR)and thus failed to fulfil its obligations under Article 5(1) GDPR, Article 24(1) GDPR and Article 28(1) GDPR. Second, the DPA found that, since the data processing142 KB (22,881 words) - 12:42, 16 January 2024
- Tietosuojavaltuutetun toimisto (Finland) - 3831/161/21 (category Article 5(1)(e) GDPR)Finnish DPA found a retail chain to have breached Article 5(1)(e) GDPR, Article 25(1) GDPR and Article 25(2) GDPR for its lengthy storage of purchase behaviour61 KB (9,477 words) - 13:38, 12 January 2024
- AEPD (Spain) - PS/00397/2019 (category Article 83(5) GDPR)according to Article 12 GDPR and Article 13 GDPR and to maintain a record of the processing activities under its responsibility according to Article 30(1) GDPR18 KB (2,741 words) - 14:34, 13 December 2023
- CE - 437808 (category Article 83 GDPR)Secondly, under Article 83 of the GDPR: "1. Each supervisory authority shall ensure that administrative fines imposed under this article for violations13 KB (1,928 words) - 09:51, 10 September 2021
- BVwG - W258 2227269-1/14E (category Article 83(5)(a) GDPR)violating Article 5(1) GDPR Article 6 (1) GDPR Article 6(4) GDPR Article 9 GDPR Article 14 GDPR Article 30 GDPR Article 35 GDPR and Article 36 GDPR. The fine47 KB (7,345 words) - 09:41, 10 September 2021
- AEPD (Spain) - PS/00027/2019 (category Article 83(5) GDPR)employees' surveillance was against the principle of purpose limitation, Article 5(1)(b) GDPR. Indeed, the controller carried out a disciplinary control though4 KB (351 words) - 13:48, 13 December 2023
- Datatilsynet (Norway) - 20/02225 (category Article 5(2) GDPR)dissuasive" as per Article 83(1). In addition to a breach of Article 6(1)(f), the lack of organisational measures pursuant to Article 5(2) was weighted when45 KB (7,286 words) - 18:55, 5 March 2022
- CNPD (Luxembourg) - Délibération n° 21FR/2021 (category Article 5(1)(c) GDPR)company was not compliant with Article 13 GDPR. The CNPD held that the controller infringed Article 5(1)(c) GDPR and Article 13 GDPR and decided to: - impose52 KB (7,520 words) - 13:13, 20 July 2021
- Court of Appeal of Brussels - 2022/AR/556 (category Article 5(1)(b) GDPR)criteria described in Article 83 GDPR for determining the fine and had not consulted the EDPB Guidelines regarding Article 83 GDPR (Guidelines 04/2022)83 KB (13,694 words) - 09:53, 14 December 2023
- APDCAT (Catalonia) - PS 49/2019 (category Article 5(1)(a) GDPR)provided for in Article 83.5.a) in relation to Articles 5.1.a) and 9; another infraction provided for in Article 83.5.b) in relation to Article 13; and a third38 KB (5,760 words) - 08:26, 8 September 2021
- AEPD (Spain) - EXP202100897 (category Article 83(5)(a) GDPR)consent tion under articles 5, 6, 7 and 9;” The LOPDGDD indicates in its article 72: "1. Based on the provisions of article 83.5 of Regulation (EU) 2016/67972 KB (11,671 words) - 13:34, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 41FR/2021 (category Article 83 GDPR)analyzes the criteria set by Article 83.2 of the GDPR: - As to the nature and seriousness of the violation [article 83.2 a) of the GDPR], with regard to breaches56 KB (8,326 words) - 16:57, 6 December 2023
- AEPD (Spain) - PS/00268/2019 (category Article 13 GDPR)with the provisions of article 58.2.b) of the RGPD, for the alleged infringement of article 13 of the RGPD, typified in article 83.5.b) of the RGPD SECOND:28 KB (4,435 words) - 14:23, 13 December 2023
- APD/GBA (Belgium) - 75/2023 (category Article 6(1)(f) GDPR)Authority. II.5.2. Established infringement of Article 5(1)(a) j° Article 6(1)(f) and Article 12(2) GDPR in conjunction with Article 17 (1) GDPR. II.5.2.1. Administrative77 KB (11,604 words) - 08:55, 29 June 2023
- AEPD (Spain) - PS/00183/2022 (category Article 5(1)(d) GDPR)for which you are responsible, typified in article 83.5.b) RGPD, the provisions of articles 83.1 and 83.2 of the RGPD must be observed, precepts that state:63 KB (10,203 words) - 13:01, 13 December 2023
- AEPD (Spain) - PS/00132/2020 (category Article 83(5) GDPR)paragraph k) of Article 83.2 of the RGPD, the LOPDGDD, Article 76, "Sanctions and corrective measures", it provides: "In accordance with Article 83(2)(k) of Regulation24 KB (3,939 words) - 14:03, 13 December 2023
- AEPD (Spain) - PS/00232/2020 (category Article 6(1) GDPR)(hereinafter, LPACAP), for the alleged violation of Article 6.1.b) of the RGPD, typified in the Article 83.5 of the RGPD. FOURTH: Once the aforementioned initiation29 KB (4,386 words) - 14:20, 13 December 2023
- UODO (Poland) - DKE.561.3.2020 (category Article 31 GDPR)section 1 lit. e) and f) and art. 58 sec. 2 lit. i) in connection with Art. 83 sec. 1 and 2, art. 83 sec. 4 lit. a) and art. 83 sec. 5 lit. e) Regulation51 KB (8,322 words) - 09:51, 17 November 2023
- Garante per la protezione dei dati personali (Italy) - 9461168 (category Article 5(1)(f) GDPR)accuracy of the data processed (Article 5, paragraph 1, letter d) of the Regulation), nor in terms of safety and integrity (Article 5, paragraph 1, letter f) of50 KB (8,001 words) - 15:52, 6 December 2023
- AEPD (Spain) - PS/00439/2019 (category Article 83(5) GDPR)Spanish City Council with a warning of an infringement of Article 5(1)(c) pursuant to Article 83(5) over installed surveillance cameras in the City Hall.21 KB (2,946 words) - 14:40, 13 December 2023
- AEPD (Spain) - PS/00333/2019 (category Article 83(5)(a) GDPR)infringement of article 5.1(b), as defined in Article 83(5)(a) and considered for the purposes of the statute of limitations in Article 72(1)(a), a fine16 KB (2,625 words) - 14:29, 13 December 2023
- AEPD (Spain) - PS/00173/2020 (category Article 5(1)(d) GDPR)for the allegedviolation of article 5.1.f) of the RGPD, sanctioned in accordance with the provisions of theArticle 83.5.a) of the aforementioned RGPD22 KB (3,424 words) - 14:06, 13 December 2023
- EDPB - Binding Decision 2/2022 - 'Instagram' (category Article 5(1)(c) GDPR)the performance of a contract (Article 6(1)(b) GDPR) and for legitimate interest (Article 6(1)(f) GDPR). Article 6(1)(b) GDPR In its original draft decision276 KB (38,206 words) - 09:46, 20 January 2023
- AEPD (Spain) - PS/00174/2019 (category Article 5(1)(f) GDPR)organisation contravene Article 5(1)(f) GDPR? The AEPD found that the disclosure of her personal data to the 400 members violated Article 5(1)(f) GDPR. The AEPD stressed18 KB (2,714 words) - 14:07, 13 December 2023
- AEPD (Spain) - PS/00239/2022 (category Article 15 GDPR)violation of Article 15 of the GDPR, typified in Article 83.5 of the GDPR, as well as for the alleged infringement of Article 17 of the GDPR, typified in60 KB (9,630 words) - 12:34, 13 December 2023
- APD/GBA (Belgium) - 73/2020 (category Article 5 GDPR)to keep a register of processing activities of Article 30 GDPR and storage limitation Article 5(1)(e) GDPR. 6) Digital meters The data subject complains93 KB (14,040 words) - 17:00, 12 December 2023
- EDPB - Binding Decision 4/2022 - 'Meta (Instagram)' (category Article 5 GDPR)reasoned in accordance with Article 4(24) GDPR and, after conducting its own assessment of the factors under Article 83(2) GDPR, found that the proposed fine468 KB (51,340 words) - 14:10, 30 January 2023
- Garante per la protezione dei dati personali (Italy) - 9570997 (category Article 83(5) GDPR)reasons the Italian DPA, with the power conferred by Article 58(2)(d) and (f) and Article 83(3) and (5) GDPR, imposed to Fastweb multiple corrective measures131 KB (21,014 words) - 15:55, 6 December 2023
- AEPD (Spain) - PS/00448/2020 (category Article 5(1)(f) GDPR)complainant, Article 83(2)(h) GDPR - The existence of a prior complaint. Aggravating factors in accordance with Article 72(2)(a) & (b) LOPDGDD and Article 83(2)(k)45 KB (7,217 words) - 14:40, 13 December 2023
- AEPD (Spain) - PS/00357/2020 (category Article 13 GDPR)accordance with provided for in article 58.2.b) of the RGPD, for an infringement of article 13 of the RGPD, typified in article 83.5 of the RGPD, a warning sanction20 KB (3,075 words) - 14:32, 13 December 2023
- AEPD (Spain) - PS/00128/2020 (category Article 83(5)(b) GDPR)for an infringement of article 13 of the RGPD, typified in article 83.5.b) of the RGPD, a warning sanction in accordance with article 77.2 of the LOPDGDD39 KB (5,912 words) - 14:02, 13 December 2023
- NAIH (Hungary) - NAIH/2020/193/8 (category Article 5(1)(d) GDPR)been deleted by the employer upon request pursuant to Article 16, Article 17 and Article 5(1)(d) GDPR (inaccuracy of personal data). Therefore, the employer58 KB (9,413 words) - 10:11, 17 November 2023
- AEPD (Spain) - PS/00430/2020 (category Article 4(11) GDPR)his/her consent. The DPA first outlined Article 6(1)(a) and (b) GDPR, Articles 4(11) GDPR on consent, as well as Article 6 of the Spanish Data Protection Law31 KB (4,738 words) - 14:39, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 3843/163/20 (category Article 5(1)(a) GDPR)the DPA held that the controller had violated Article 5(1)(a) GDPR, Article 5(1)(c) GDPR, Article 6 GDPR and Section 3 of the Finnish Act on the Protection39 KB (6,038 words) - 17:39, 29 April 2024
- Garante per la protezione dei dati personali (Italy) - 9269618 (category Article 5(1)(f) GDPR)(articles 58, paragraph 2, letter i and 83 of the Regulations; article 166, paragraph 7, of the Code). Pursuant to art. 83, par. 3 of the Regulation, if in relation34 KB (4,967 words) - 15:46, 6 December 2023
- APD/GBA (Belgium) - 02/2021 (category Article 6 GDPR)montant de 10.000 € (article 83, paragraphe 2, de l'AVG ; article 100, §1, 13° WOG et article 101 WOG). 129. Compte tenu de l'article 83 AVG et de la jurisprudence1796 KB (15,396 words) - 16:50, 12 December 2023
- AEPD (Spain) - PS/00227/2019 (category Article 6(1)(a) GDPR)regard to Article 83(2)(k) of the RGPD, the LOPDGDD, in its Article 76, 'Sanctions and corrective measures', states that "In accordance with Article 83(2)(k)36 KB (5,821 words) - 14:20, 13 December 2023
- UODO (Poland) - ZSPR.421.7.2019 (category Article 5(1)(a) GDPR)connection with Article 5 paragraph 1 point a, Article 5 paragraph 2, Article 6 paragraph 1, Article 7 paragraph 3, Article 12 paragraph 2, Article 17 paragraph60 KB (9,815 words) - 10:02, 17 November 2023
- AEPD (Spain) - EXP202104917 (category Article 4(11) GDPR)claimed party, for the alleged infringement of Article 6 of the RGPD, typified in Article 83.5 of the GDPR. FIFTH: Notification of the aforementioned start-up27 KB (4,356 words) - 12:41, 13 December 2023
- AEPD (Spain) - PS/00076/2020 (category Article 83(5) GDPR)Administration (LPACAP), by alleged violation of Article 5.1(b) of the GPMR, as set forth in Article 83.5 of the GPMR FOURTH: Upon notification of the above-mentioned8 KB (1,137 words) - 13:56, 13 December 2023
- AEPD (Spain) - EXP202100282 (category Article 6(1) GDPR)A.U. with NIF A-65559296, for the alleged violation of article 6.1. GDPR typified in article 83.5.a) of the aforementioned RGPD. C / Jorge Juan, 6 www.aepd27 KB (4,108 words) - 13:32, 13 December 2023
- HDPA (Greece) - 20/2022 (category Article 83(2)(a) GDPR)violation of article 17 in combination with article 21 par. 3 and article 12 paragraph 3 of the GDPR and article 25 paragraph 1 of the GDPR. For its judgment16 KB (2,374 words) - 11:46, 18 August 2022
- AEPD (Spain) - PS/00280/2022 (category Article 5(1)(f) GDPR)LPACAP), for the alleged infringement of article 5.1.f) of the RGPD and article 32 of the RGPD, typified in article 83.5 of the RGPD. EIGHTH: Notification of30 KB (4,551 words) - 11:51, 9 February 2023
- NAIH (Hungary) - NAIH/2020/2555 (category Article 5(1) GDPR)Applicant's e-mail address to the Applicant's e-mail address. Based on the above, the Authority concluded that the Applicant's address details and e-mail address33 KB (5,033 words) - 10:12, 17 November 2023
- AEPD (Spain) - PS/00051/2020 (category Article 6(1)(a) GDPR)withdrawal of consent under Article 7(3) GDPR. The Authority also considers the existence of a deletion request under Article 17 GDPR. The AEPD concludes that31 KB (4,853 words) - 13:52, 13 December 2023
- AEPD (Spain) - PS/00068/2020 (category Article 6(1) GDPR)violation of the article6.1. of the RGPD, in relation to article 20 e) of the LOPDGDD, typifiedin article 83.5.a) of the aforementioned GDPR.2. TO appoint27 KB (4,106 words) - 13:55, 13 December 2023
- AEPD (Spain) - PS/00135/2020 (category Article 83(2) GDPR)opening, in this Agency, of two investigation files: E/0065/2019 and E/3498/2019. A) With regard to Procedure E/0065/2019: C/ Jorge Juan, 6 www.aepd.es 2800147 KB (7,756 words) - 14:04, 13 December 2023
- AEPD (Spain) - EXP202203914 (category Article 6(1) GDPR)correspond would be for the infringement of article 6.1 of the GDPR, typified in article 83.5 a) of the GDPR, the sanction that would correspond would be37 KB (5,914 words) - 10:42, 13 December 2023
- NAIH (Hungary) - NAIH-2020-2546-5 (category Article 5(1)(c) GDPR)agreements Article 12 (1) of the GDPR 17 IV.5. Legal consequences (72) The Authority finds that the Client has infringed Article 5 (1) (c) GDPR, Article 6 Article72 KB (11,159 words) - 10:09, 17 November 2023
- HDPA (Greece) - 57/2021 (category Article 13 GDPR)2016/679 and article 11toun.3471 / 2006, according to article 58par.2 of the GCP in in combination with article 83 par. 5 of the GCC, and with article 21 par45 KB (7,165 words) - 15:22, 22 February 2022
- AEPD (Spain) - PS/00341/2020 (category Article 5 GDPR)principles are found under Article 5(1)(a) and Article 5(2) GDPR respectively]. The Spanish DPA even made reference to Recital 40 GDPR on the legality of processing32 KB (4,831 words) - 14:31, 13 December 2023
- AEPD (Spain) - PS/00464/2020 (category Article 32(1) GDPR)or of the Member States ”. The violation of article 32 is classified in article 83.4.a) of the cited GDPR in the following terms: "4. Violations of the29 KB (4,300 words) - 14:41, 13 December 2023
- Commissioner (Cyprus) - 17.05.23 (category Article 5(1)(c) GDPR)perpetrator (Article 83(2) GDPR). Lastly, the amount of the fine shall not exceed the maximum amounts provided for in Articles 83(4) (5) and (6) GDPR. The quantification31 KB (4,973 words) - 16:50, 6 December 2023
- AEPD (Spain) - PS/00008/2020 (category Article 6(1) GDPR)www.aepd.es 28001 - Madrid sedeagpd.gob.es Page 5 5/14 particular (…) ” III The RGPD deals in its article 5 with the principles that must govern the treatment27 KB (4,408 words) - 13:45, 13 December 2023
- AEPD (Spain) - EXP202105693 (category Article 83(1) GDPR)against the controller. Based on Article 72(1)(b) of the national data protection law, and Articles 83(1) and 83(2) GDPR, the DPA considered aggravating49 KB (7,579 words) - 13:15, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 918/154/2019 (category Article 17(1) GDPR)was outdated and was no longer of importance to society. Pursuant to Article 17(1) GDPR, the data subject had requested Google LLC (the controller) to remove26 KB (4,072 words) - 12:18, 27 March 2024
- Garante per la protezione dei dati personali (Italy) - 9556625 (category Article 5(1) GDPR)the administrative sanctions referred to in art. 83, para. 4 and 5, of the GDPR. In this regard, art. 83, par. 3, of the RGPD, provides that «If, in relation57 KB (9,144 words) - 15:55, 6 December 2023
- AEPD (Spain) - PS/00151/2020 (category Article 5(1)(c) GDPR)A., with NIF *** NIF.1, For an infringement of article 5.1.c) of the RGPD, typified in article 83.5 of the mentioned rule, a fine of TWO THOUSAND EUROS28 KB (4,525 words) - 14:06, 13 December 2023
- AEPD (Spain) - EXP202205820 (category Article 6 GDPR)violating the provisions of article 6 of the GDPR, which supposes the commission of an infraction typified in article 83.5 of the GDPR, which provides the following:61 KB (9,700 words) - 13:21, 13 December 2023
- AEPD (Spain) - PS/00273/2019 (category Article 83(5) GDPR)against the respondent, by the alleged violation of Article 5.1(c) of the GPRS, as defined in Article 83.5 of the RGPD. In view of all that has been done,16 KB (2,359 words) - 14:24, 13 December 2023
- AEPD (Spain) - PS/00374/2018 (category Article 5(1)(c) GDPR)with NIF A85850394, for the presumed infringement of Article 6.1 of the RGPD typified in Article 83.5 a) of the aforementioned RGPD". opting for a penalty18 KB (2,711 words) - 13:43, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9269629 (category Article 83(5)(a) GDPR)Consequently, based on Article 83(5)(a) GDPR, the hospital was fined to pay a fine of EUR 30.000,00 for violation of Article 5(1)(f) GDPR. Corrective measures38 KB (5,724 words) - 15:47, 6 December 2023
- AEPD (Spain) - PS/00034/2020 (category Article 5(1)(f) GDPR)***NIF.1, for an infringement of Article 5.1.f) of the RGPD, typified in Article 83.5 of the RGPD, in relation to Article 72(1)(a) a fine of EUR 10 000 (TEN18 KB (2,727 words) - 13:50, 13 December 2023
- AEPD (Spain) - PS/00135/2021 (category Article 6(1) GDPR)very serious ”provides: "1. Based on what is established in article 83.5 of the Regulation (E.U.) 2016/679 are considered very serious and will prescribe30 KB (4,631 words) - 13:00, 13 December 2023
- Datatilsynet (Norway) - 20/01516 (category Article 5 GDPR)municipality had violated Articles 5 and 6 GDPR by publishing personal data on their webpage without a legal basis, and Articles 5 and 32(1)(b) by failing to implement26 KB (3,885 words) - 08:43, 7 May 2022
- AEPD (Spain) - PS/00188/2020 (category Article 5(1)(f) GDPR)violation of Article 5 (1) (f) GDPR? The Spanish DPA held that were clear indications that the defendant infringed Article 5 (1) (f) GDPR, principles relating24 KB (3,907 words) - 14:08, 13 December 2023
- UODO (Poland) - ZSPR.421.19.2019 (category Article 31 GDPR)connection with Article 31, Article 58(1)(e) and (f) in connection with Article 83(1-3) and Article 83(5)(e) of Regulation 2016/679 of the European Parliament29 KB (4,698 words) - 10:02, 17 November 2023
- AEPD (Spain) - PS/00406/2020 (category Article 6(1)(f) GDPR)violation of article 6.1. f) of the RGPD, in relation with article 20.1 c) of the LOPDGDD, typified in article 83.5.a) of the cited GDPR That by writing36 KB (5,582 words) - 14:35, 13 December 2023
- AEPD (Spain) - PS/00112/2020 (category Article 13 GDPR)serious breach and could be fined with the amounts established in Article 83(5) GDPR, in this case, the AEPD considered that the defendant had already29 KB (4,402 words) - 14:00, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 6FR/2023 (category Article 31 GDPR)analyse the criteria set out in Article 83.2 of the GDPR. 61. As regards the nature and seriousness of the breach (Article 83(2)(a) of the RGPD), it points55 KB (9,079 words) - 16:57, 6 December 2023
- AEPD (Spain) - EXP202105923 (category Article 5(1)(d) GDPR)the provisions of article 58.2.b) of the RGPD, for the alleged infringement of article 5.1 d) of the RGPD, typified in article 83.5.a) of the RGPD and26 KB (3,846 words) - 12:42, 13 December 2023
- AEPD (Spain) - PS/00206/2020 (category Article 6 GDPR)claimed byviolation of article 83.5.a) of the RGPD, it is essential to examine and assess whetherThe circumstances described in article 83.2 of the RGPD concur20 KB (3,078 words) - 14:10, 13 December 2023
- AEPD (Spain) - EXP202206542 (category Article 5(1) GDPR)***NIF.1, in accordance with article 58.2.d) of the GDPR, for a violation of article 13 of the GDPR typified in article 83.5.b) of the aforementioned Regulation24 KB (3,749 words) - 13:19, 13 December 2023
- AP (The Netherlands) - 25.11.2021 (category Article 83(5) GDPR)fairness principle, violating Article 5(1)(a) in conjunction with Article 6(1)(e) GDPR, and Article 6 in conjunction with Article 8 Personal Data Protection87 KB (11,601 words) - 17:08, 12 December 2023
- APD/GBA (Belgium) - 28/2020 (category Article 6(1)(f) GDPR)administrative fines set out in Article 83.5 of the AVG. 51. Taking into account the criteria contained in article 83.2 of the AVG as well as the case27 KB (4,363 words) - 16:56, 12 December 2023
- AEPD (Spain) - PS/00025/2019 (category Article 6(1) GDPR)gob.es Page 26 26/30In article 83.5.a) of the RGPD, it seems appropriate to make two clarifications:The first, that article 83.2 RGPD requires that the88 KB (14,301 words) - 13:48, 13 December 2023
- AEPD (Spain) - PS/00245/2019 (category Article 83(5)(a) GDPR)Articles 5(1)(a) GDPR and 13 GDPR. On the other hand, they disagreed with the infringement of Article 5(1)(a) GDPR in relation to Article 9(1) GDPR with regard116 KB (18,941 words) - 14:21, 13 December 2023
- CNIL (France) - SAN-2022-011 (category Article 83 GDPR)amount of the fine, the criteria specified in the same article 83. " According to Article 83 of the GDPR: "1. Each supervisory authority shall ensure that administrative48 KB (7,525 words) - 17:02, 6 December 2023
- AEPD (Spain) - PS/00405/2020 (category Article 6(1)(a) GDPR)complained party, by the alleged infringement of article 6.1.a) of the RGPD, typified in article 83.5 of the GDPR. EIGHTH: The agreement to initiate this sanctioning20 KB (3,047 words) - 14:35, 13 December 2023
- AEPD (Spain) - EXP202208230 (category Article 28(2) GDPR)violation of article 28.2 typified in Article 83.4 a) GDPR. SIXTY THOUSAND EUROS (€60,000) for alleged violation of article 28.3 typified in Article 83.4 a) GDPR45 KB (6,904 words) - 13:12, 13 December 2023
- AEPD (Spain) - PS/00006/2019 (category Article 6(1)(a) GDPR)of violating Article 13(1) of the PGI, in relation to Articles 6(1)(a) and 8 of Regulation 2016/679. Infringement typified in Article 83.5 of the RGPD and27 KB (4,517 words) - 13:44, 13 December 2023
- AEPD (Spain) - PS/00308/2020 (category Article 5(1)(a) GDPR)third party, breach Article 6(1) GDPR? The Spanish DPA (AEPD) referred to the principle of lawfulness, fairness and transparency (Article 5(1)(a)), as well25 KB (4,016 words) - 14:27, 13 December 2023
- Court of Appeal of Brussels - 2022/AR/723 (category Article 5(1)(c) GDPR)21(2) and 21(4) GDPR. Moreover, the DPA held that the controller violated Article 5(1)(a), 5(1)(c), 5(2), 6(1), 12(2), 21(2) and 21(4) GDPR. The controller8 KB (919 words) - 09:54, 14 December 2023
- APD/GBA (Belgium) - 06/2019 (category Article 5(1)(c) GDPR)conformity with Article 5.1. c), Article 6.1., Article 13.1. c), Article 13.1. c), Article 13.1. e) and Article 13.2. a) of the DGPS pursuant to Article 101 of20 KB (3,137 words) - 16:51, 12 December 2023
- AEPD (Spain) - PS/00450/2019 (category Article 5(1)(f) GDPR)Digital Rights (LOPDGDD), for the infringement of Article 5.1 f) of the RGPD, typified in Article 83.5 a) of the RGPD and considered very serious in 7217 KB (2,620 words) - 14:43, 13 December 2023
- AEPD (Spain) - EXP202100639 (category Article 5(1)(c) GDPR)alleged infringement of article 5.1.c) of the RGPD and article 13 of the RGPD, typified in Article 83.5 a) and b) of the GDPR. FIFTH: On 12/17/2021 the32 KB (4,945 words) - 13:25, 13 December 2023
- DVI (Latvia) - SIA "TET" (category Article 5(1)(e) GDPR)violation of Article 5(1)(a), (b), (d) and (e) GDPR. Furthermore, there was no legal basis for these processing operations under Article 6(1) GDPR. The DPA114 KB (17,942 words) - 15:46, 2 November 2022
- AEPD (Spain) - PS/00303/2020 (category Article 6(1) GDPR)sedeagpd.gob.es 6/13 "1. In accordance with the provisions of article 83.5 of the Regulation (E.U.) 2016/679 are considered very serious and will prescribe29 KB (4,480 words) - 14:27, 13 December 2023
- DSB (Austria) - 2020-0.083.190 (category Article 83 GDPR)amended; Article 82 para 6 of Regulation (EU) 2016/679 (Basic Data Protection Regulation - DSGVO), OJ L 207, 30.12.2009, p. 1. No. L 119 of 4.5.2016, p8 KB (961 words) - 13:48, 12 May 2023
- AEPD (Spain) - PS/00143/2020 (category Article 5(1)(f) GDPR)procedure to the claimed, by the alleged violation of Article 5.1.f) of the RGPD, typified in Article 83.5 of the RGPD. C / Jorge Juan, 6 www.aepd.es 2800117 KB (2,578 words) - 14:05, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9524175 (category Article 5(1)(a) GDPR)administrative sanction provided for in Article 83(4) and (5) of the Regulation applicable, pursuant to Articles 58(2)(i) and 83(5) of the Regulation itself as also20 KB (3,133 words) - 15:53, 6 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 8393/161/2019 (category Article 5(1)(c) GDPR)with Article 5 (1) (a) and Article 6 (1) (f) GDPR. Thus, the controller failed to comply with the accountability principle under Article 5 (2) GDPR. Second111 KB (17,604 words) - 13:08, 3 March 2024
- CNPD (Luxembourg) - Délibération n° 24FR/2022 (category Article 12(1) GDPR)analyzes the criteria set by article 83.2 of the GDPR: - As for the nature and seriousness of the violation (article 83.2 a) of the GDPR), it recalls in with regard82 KB (11,472 words) - 16:58, 6 December 2023
- AEPD (Spain) - PS/00054/2021 (category Article 32(1) GDPR)infringement of article 32.1 of the RGPD, typified in article 83.4.a) of the RGPD, a fine of € 3,000 (three thousand euros), in accordance with article 73.g) of27 KB (3,993 words) - 13:52, 13 December 2023
- Recitals GDPR (section Recitals from the GDPR)set out in Article 5 of the Treaty on European Union (TEU). In accordance with the principle of proportionality as set out in that Article, this Regulation182 KB (24,065 words) - 13:40, 9 July 2021
- AEPD (Spain) - PS/00329/2020 (category Article 37 GDPR)issued under this article. " III Article 73 of the LOPDDG indicates: Violations considered serious "Based on what is established in article 83.4 of Regulation13 KB (2,002 words) - 14:29, 13 December 2023
- AEPD (Spain) - PS/00168/2020 (category Article 6(1) GDPR)for violation of article 83.5.a) of the RGPD, it is essential to examine and assess whether the circumstances described in article 83.2 of the RGPD exist22 KB (3,568 words) - 14:06, 13 December 2023
- HDPA (Greece) - 44/2019 (category Article 83(5)(a) GDPR)internal compliance and accountability according to Article 5(1) GDPR, Article 5(2) GDPR and Article 6(1) GDPR. Since the company had totally ignored the its127 KB (21,184 words) - 15:39, 6 December 2023
- Datatilsynet (Norway) - 20/01879 (category Article 24 GDPR)highly sensitive personal data exposed, thus breaching Article 32(1)(b) GDPR and Article 32(2), cf. Article 24. An employee in a municipal health care center30 KB (4,302 words) - 18:53, 5 March 2022
- Tietosuojavaltuutetun toimisto (Finland) - 310/161/23 (category Article 83(6) GDPR)aggravating circumstance according to Article 83(2)(i) or as a separate violation according to Article 83(5)(e) or Article 83(6). Since the situation at hand71 KB (11,552 words) - 13:40, 12 January 2024
- EDPB - Binding Decision 1/2020 - 'Twitter' (category Article 5(1)(f) GDPR)infringements of Article 5(1)(f), Article 24, and Article 32 GDPR, and to the objection of the IT SA on the possible infringement of Article 5(2) GDPR, the EDPB183 KB (30,819 words) - 09:50, 20 January 2023
- AEPD (Spain) - PS/00009/2020 (category Article 6(1) GDPR)is typified in Article 83.5 of the RGPD, which considers as such:C / Jorge Juan, 6www.aepd.es28001 - Madridsedeagpd.gob.es Page 5 5/11"5 . Violations of27 KB (4,150 words) - 13:45, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9861249 (category Article 5(1)(a) GDPR)should have applied Article 35 GDPR. In light of the above, the Italian DPA used its corrective powers under Article 58(2)(c) and 83 GDPR and fined the controller87 KB (14,104 words) - 15:45, 6 December 2023
- Datatilsynet (Norway) - 21/00480 (category Article 5(1)(f) GDPR)municipality €409,768 (NOK 4,000,000) for breaches of Article 5(1)(f) GDPR, Article 24 GDPR and Article 32 GDPR after a serious ransomware attack led to highly31 KB (4,380 words) - 06:12, 14 March 2023
- NAIH (Hungary) - NAIH/2020/32/4 (category Article 5(1) GDPR)obligor.[Article 83(2)(b) GDPR] - The obligor has not yet been convicted for violating the General Data Protection Regulation.[Article 83(2)(e) GDPR] - The75 KB (12,586 words) - 10:10, 17 November 2023
- AEPD (Spain) - PS/00249/2020 (category Article 83(5)(a) GDPR)negligent action (Article 83(2)(b) GDPR) and that basic identifiers such as name, surname, and address are affected (Article 83(2)(g) GDPR), including also20 KB (3,097 words) - 14:22, 13 December 2023
- Datatilsynet (Norway) - 20/02147 (category Article 5 GDPR)the lack of security routines, thus breaching Article 32(1)(b) cf. Article 5 GDPR, Article 35 and Article 24(1), respectively. Teachers at two junior high24 KB (3,591 words) - 18:57, 5 March 2022
- CNPD (Luxembourg) - Délibération n° 13FR/2023 (category Article 5(1)(b) GDPR)their employees. The DPA found a violation of Article 5(1)(b) GDPR, Article 5(1)(c) GDPR and Article 13 GDPR. Following a visit to the premises of two public96 KB (13,984 words) - 16:57, 6 December 2023
- AEPD (Spain) - EXP202204492 (category Article 6(1) GDPR)provisions of article 58.2.i) of the GDPR, for the alleged infringement of article 6.1 of the GDPR, typified in article 83.5.b) of the GDPR. SECOND: APPOINT26 KB (3,867 words) - 10:44, 13 December 2023
- AEPD (Spain) - PS/00227/2020 (category Article 6(1) GDPR)Articles 6 and 13 GDPR? The AEPD decided to impose, for infringement of Article 6 GDPR, a fine of € 10000 and, for infringement of Article 13 GDPR, a fine of46 KB (7,230 words) - 14:20, 13 December 2023
- VDAI (Lithuania) - UAB vs FITNESS (category Article 5(1)(c) GDPR)this processing, in violation of Article 5(1)(c) GDPR; It violated Article 13(1) and (1) GDPR, and Article 5(1) GDPR by failing to adequately inform data53 KB (2,523 words) - 09:19, 17 November 2023
- CNIL (France) - SAN-2020-018 (category Article 12 GDPR) (section Violation of the obligation to gather consent as prescribed by Article L. 34-5 of the Postal and Electronic Communication law:)to the criteria laid down by Article 83 paragraph 2 of the GDPR. With regard to the breach of Article L. 34-5 of the GDPR, the restricted committee considers69 KB (11,007 words) - 17:10, 6 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 4431/161/21 (category Article 5(1)(a) GDPR)DPA held that the controller had violated Article 5(1)(a) GDPR, Article 5(1)(c) GDPR and Article 25(2) GDPR. As a result, the DPA issued a reprimand to54 KB (8,279 words) - 13:53, 21 March 2024
- Garante per la protezione dei dati personali (Italy) - 9256486 (category Article 5 GDPR)accountability (Article 5 (2) and 24 (1), (2) GDPR), privacy by design (Article 25 (1) GDPR) and as controller towards its data processors (Article 28 GDPR). Consequently144 KB (23,155 words) - 15:46, 6 December 2023
- Personvernnemnda (Norway) - 2021-13 (20/01874) (category Article 6(1) GDPR)tribunal is whether according to the Privacy Ordinance Article 83 No. 5 and Article 83 No. 4, cf. Article 83. No. 2, an infringement fee shall be imposed for48 KB (7,804 words) - 18:49, 5 March 2022
- AEPD (Spain) - PS/00028/2020 (category Article 6 GDPR)signifiesidentified catives (article 83.2 b) Basic personal identifiers -image- are affected (art 83.2g)VOn the other hand, article 83.7 of the RGPD provides14 KB (2,075 words) - 13:48, 13 December 2023
- AEPD (Spain) - EXP202201681 (category Article 13 GDPR)violation of article 5.1.f) of the GDPR (LCEur 2016, 605) , typified in article 83.5.a) of the GDPR, a penalty of warning, of in accordance with article 77 of195 KB (30,495 words) - 12:40, 13 December 2023
- AEPD (Spain) - PS/00221/2020 (category Article 14 GDPR)for an infringement of article 14 of the RGPD, typified in article 83.5 of the RGPD, a warning sanction, in in relation to article 74.a) of the LOPDGDD.29 KB (4,537 words) - 14:19, 13 December 2023
- AEPD (Spain) - PS/00417/2019 (category Article 83(4) GDPR)scalethe by the number of clients it has (article 83.2 a)Basic personal identifiers are affected (article 83.2 g)Therefore, in accordance with the applicable16 KB (2,298 words) - 14:36, 13 December 2023
- AEPD (Spain) - PS/00014/2020 (category Article 6(1) GDPR)violation of article 6 of the RGPD, indicated in reason II. IV Article 72.1.b) of the LOPDGDD states that “ Based on what is established in article 83.5 of Regulation21 KB (3,441 words) - 13:46, 13 December 2023
- AEPD (Spain) - PS/00335/2020 (category Article 5(1)(f) GDPR)protocols. This therefore breached Article 5(1)(f) GDPR and Article 32 GDPR. The initial sanction for infringing Article 5(1)(f) was a fine of €5000 and the34 KB (5,427 words) - 14:30, 13 December 2023
- NAIH (Hungary) - NAIH-1091-10/2022 (NAIH-6936/2021) (category Article 5(2) GDPR)information pursuant to Article 13 (1) of the GDPR of what is written in paragraph Recital (39) of the GDPR and Article 5 (1) point a) of the GDPR stipulate that69 KB (11,255 words) - 10:08, 17 November 2023
- Garante per la protezione dei dati personali (Italy) - 9509558 (category Article 5(1)(a) GDPR)for profiles similar to those reported in this complaint (Article 83, paragraph 2, letter e) of the Regulations: provision. n. 364 of 10 July 2014 [Doc24 KB (3,667 words) - 15:53, 6 December 2023
- AEPD (Spain) - PS/00102/2021 (category Article 6(1) GDPR)particular case; " The offense is classified in Article 83.5 of the RGPD, which considers as such: "5. Violations of the following provisions will be sanctioned21 KB (3,099 words) - 13:59, 13 December 2023
- AEPD (Spain) - EXP202201247 (category Article 83(5) GDPR)hereinafter, LPACAP), for the alleged violation of article 6.1 of the RGPD, typified in Article 83.5 of the GDPR. C/ Jorge Juan, 6 www.aepd.es 28001 – Madrid17 KB (2,350 words) - 13:17, 13 December 2023
- AEPD (Spain) - PS/00214/2022 (category Article 6(1) GDPR)provisions of article 9 of the GDPR, which implies the commission of an infringement classified in section 5.a) of the Article 83 of the GDPR. Article 83.5.a) of131 KB (20,916 words) - 12:38, 13 December 2023
- AEPD (Spain) - PS/00381/2019 (category Article 83(5)(a) GDPR)for violation of Article 5.1.f) of the RGPD, typified in Article 83.5.a) of said Regulation and sanctioned in accordance with Article 77.2 of the LOPDGDD22 KB (3,479 words) - 14:33, 13 December 2023
- AEPD (Spain) - PS/00291/2019 (category Article 6(1)(a) GDPR)prescription, Article 72(1)(b) of the LOPDGDD states "Infringements considered very serious": 1. In accordance with the provisions of Article 83(5) of Regulation33 KB (5,396 words) - 14:26, 13 December 2023
- AEPD (Spain) - PS/00254/2019 (category Article 83(4) GDPR)infringement of Article 32.1 of the GDPR typified as a serious infringement in Article 73 f) of the LOPDGDD and in Article 83.4 of the GDPR. For its part39 KB (6,341 words) - 14:23, 13 December 2023
- AEPD (Spain) - EXP202202898 (category Article 6(1) GDPR)hereinafter, LPACAP), for the alleged infringement of Article 6.1 of the GDPR, typified in Article 83.5 of the GDPR. FIFTH: Notified of the aforementioned start-up34 KB (5,358 words) - 13:16, 13 December 2023
- AEPD (Spain) - PS/00152/2020 (category Article 33 GDPR)foundation was responsible for violating Article 33 GDPR, and issued it with a warning pursuant to Article 58(2)(b) GDPR. The AEPD did not find the former Secretary27 KB (4,243 words) - 14:06, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 38FR/2021 (category Article 37(7) GDPR)analyzes the criteria set by Article 83.2 of the GDPR: - As to the nature and seriousness of the violation [article 83.2 a) of the GDPR], with regard to breaches81 KB (11,895 words) - 16:58, 6 December 2023
- AEPD (Spain) - PS/00023/2020 (category Article 83(5) GDPR)the respondent, by the alleged violation of Article 5.1.c) of the RGPD, as defined in Article 83.5 of the GDPR. SIXTH: Formal notification of the agreement21 KB (3,298 words) - 13:46, 13 December 2023
- AEPD (Spain) - PS/00062/2020 (category Article 13 GDPR)B02547164, for an infringement of article 13 of the RGPD, typified in article 83.5 GDPR, a fine of FIVE THOUSAND EUROS (€ 5,000.00). SECOND: NOTIFY this resolution44 KB (7,162 words) - 13:53, 13 December 2023
- AEPD (Spain) - PS/00114/2019 (category Article 6(1) GDPR)of articles 83.1 and 83.2 of the RGPD must be observed. In turn, pursuant to article 83. 2.k GDPR, the circumstances described in article 76 LOPDGDD may60 KB (10,197 words) - 14:01, 13 December 2023
- AEPD (Spain) - PS/00415/2020 (category Article 83(5)(a) GDPR)imposed a fine of €60000 for the violating Article 5(1)(d) GDPR and €30000 for violating Article 5(1)(f) GDPR. In imposing the fine, the AEPD factored in30 KB (4,436 words) - 14:36, 13 December 2023
- DSB (Austria) - D550.038/0003-DSB/2018 (category Article 5(1)(a) GDPR)following way: € 2.400 under Article 6(1)(f) and 83(5)(a) GDPR (illegal surveillance) € 800 under §§ 52(2)(6), 62(1)(4) and 69(5) DSG 2000 (missing protocol)31 KB (5,161 words) - 14:02, 12 May 2023
- AEPD (Spain) - PS/00315/2020 (category Article 28 GDPR)contemplates in its article 76, entitled “San- corrective measures and actions ”: "1. The sanctions provided for in sections 4, 5 and 6 of article 83 of the Regulation62 KB (10,401 words) - 14:35, 21 November 2023
- Garante per la protezione dei dati personali (Italy) - 9795350 (category Article 5(1)(a) GDPR)required by Article 12 GDPR. The DPA clarified that the right of information and the right of access are distinct. An access request under Article 15 GDPR is not90 KB (14,651 words) - 08:07, 5 September 2022
- AEPD (Spain) - PS/00379/2019 (category Article 6 GDPR)an alleged violation of article 6 of the GDPR typified as an infringement of basic principles for processing in article 83.5 GDPR. In determining the amount26 KB (4,235 words) - 14:33, 13 December 2023
- Datatilsynet (Norway) - 20/02291 (category Article 5(1)(f) GDPR)patient data cf. Article 32 GDPR and Article 5(1)(f) GDPR and inadequate internal controls cf. Article 24 GDPR and Article 5(2) GDPR. Østfold Hospital45 KB (6,645 words) - 14:40, 28 March 2022
- IMY (Sweden) - DI-2020-10561 (category Article 12(3) GDPR)intervention Article 58 (2) (i) and Article 83 (2) state that the IMY has the power to impose administrative penalty fees in accordance with Article 83. the circumstances17 KB (1,940 words) - 15:23, 6 December 2023
- Personvernnemnda (Norway) - PVN-2022-22 (category Article 83(2) GDPR)personal protection regulation article 83 no. 5 that violation of articles 5, 6, 7 and 9 of accordance with article 83 no. 2 shall be imposed an infringement91 KB (14,440 words) - 10:06, 17 November 2023
- AEPD (Spain) - PS/00123/2020 (category Article 5(1)(f) GDPR)for the alleged violation of Article 5.1.f) of the RGPD, in relation to article 5 of the LOPDGDD, as indicated in article 83.5 a) of the RGPD. The telematic21 KB (3,254 words) - 14:02, 13 December 2023
- BAC (Bulgaria) - 2606/2021 (category Article 83(2) GDPR)CPDP issued NRA an order under Article 58(2)(d) supra Article 57(1)(a) and Article 83(2)(a), (c), (d), (f) and (g) of the GDPR for undertaking suitable technical13 KB (1,761 words) - 09:58, 14 December 2023
- CNIL (France) - SAN-2024-002 (category Article 5(1)(e) GDPR)of Articles 5-1-e) and 13 of the GDPR constitute breaches of key principles of the GDPR likely to be subject, under Article 83 of the GDPR, to an administrative56 KB (8,757 words) - 14:12, 28 February 2024
- Garante per la protezione dei dati personali (Italy) - 9860461 (category Article 9 GDPR)privacy. Health data are special categories of data covered by Article 9 GDPR. According to Article 137 of the Italian Data Protection Code, health data can16 KB (2,409 words) - 15:44, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9860487 (category Article 9 GDPR)right to privacy. Health data are sensitive data covered by Article 9 GDPR. According to Article 137 of the Italian Data Protection Code, health data can16 KB (2,352 words) - 15:44, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9860513 (category Article 9 GDPR)right to privacy. Health data are sensitive data covered by Article 9 GDPR. According to Article 137 of the Italian Data Protection Code, health data can16 KB (2,324 words) - 15:45, 6 December 2023
- AEPD (Spain) - PS/00315/2019 (category Article 13 GDPR)information provided was in breach of Article 13 GDPR. Therefore, the authority warned the controller (Article 83(5) GDPR) and requested to complete the notice17 KB (2,633 words) - 14:28, 13 December 2023
- CNIL (France) - SAN-2019-001 (category Article 4(11) GDPR)this respect, both Article 6 and Articles 12 and 13 are among the provisions whose disregard is most severely sanctioned in Article 83(5) of the GDMP. The90 KB (14,556 words) - 17:08, 6 December 2023
- IMY (Sweden) - DI-2020-10518 (category Article 12(3) GDPR)intervention Article 58 (2) (i) and Article 83 (2) state that the IMY has the power to impose administrative penalty fees in accordance with Article 83. the circumstances18 KB (2,003 words) - 15:22, 6 December 2023
- NAIH (Hungary) - NAIH-373-31/2023 (category Article 5(1)(b) GDPR)thereby violating Article 12 (1) and Article 14 (1) points a) and c), as well as Article 14 (2) b), c) and e) of the GDPR points. 3.5. Customer 1's data140 KB (23,189 words) - 08:25, 20 February 2024
- AEPD (Spain) - PS/00389/2019 (category Article 5 GDPR)of which are typified in article 83.4.a). V The violation of articles 32, 33 and 34 of the RGPD are criminalized in Article 83.4(a) of the said GPRS in31 KB (4,819 words) - 14:34, 13 December 2023
- Commissioner (Cyprus) - 11.17.001.008.001 (category Article 5(1)(f) GDPR)natureinfringement.5. ΚυπWσεις5.1.1. As defined in the provisions of Rule 83 (5) of the Rules of Procedure. violation of the provisions ofArticles 5 and 15, draws61 KB (9,412 words) - 16:52, 6 December 2023
- NAIH (Hungary) - NAIH/2020/974/4 (category Article 5(1)(a) GDPR)breach of the General Data Protection Regulation5. Article 5 (1) (a), Article 5 (2) and Article 13 Article 1 (1) to (2). III.3. JogkövetkezményekIII.3.167 KB (10,815 words) - 10:11, 17 November 2023
- AEPD (Spain) - PS/00029/2020 (category Article 5(1)(f) GDPR)Q4500146H, for the alleged infringement of Article 5.1.f) of the RGPD, in accordance with the provisions of Article 83.5 of the RGPD and 72.1.i) of the LOPDGDD44 KB (6,943 words) - 13:49, 13 December 2023
- AEPD (Spain) - PS/00408/2020 (category Article 6(1) GDPR)required by article 6 of the RGPD. The data processing carried out violates article 6 of the RGPD conduct that is subsumed in article 83.5 of the RGPD47 KB (7,616 words) - 14:35, 13 December 2023
- AEPD (Spain) - EXP202305050 (category Article 58(1) GDPR)typified in article 83.5.e) of the GDPR, which considers as such: "no facilitate access in breach of article 58, section 1.” The same article establishes57 KB (9,217 words) - 10:44, 13 December 2023
- HDPA (Greece) - 50/2022 (category Article 5(1)(b) GDPR)limitation under Article 5(1)(a) of the GDPR. 1(b) and the obligation (principle) of accountability under Article 5(1)(b). 2 of the GDPR, that is to say19 KB (2,790 words) - 15:32, 6 December 2023
- AEPD (Spain) - EXP202203956 (category Article 6(1) GDPR)hereinafter, LPACAP), for the alleged infringement of Article 6.1 of the GDPR, typified in Article 83.5 of the GDPR. FIFTH: Notified of the aforementioned start-up52 KB (8,323 words) - 13:17, 13 December 2023
- AEPD (Spain) - PS/00274/2019 (category Article 5(1)(f) GDPR)violation of thearticle 5.1.f), in relation to article 6.1 of the RGPD.The violation of article 5.1.f) of the RGPD is typified in article 83.5.a)of the RGPD. The37 KB (5,700 words) - 14:24, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9856694 (category Article 5(1)(a) GDPR)applicable to the controller, including Articles 5(1)(a) and 6 GDPR. As a matter of fact, Articles 5(1)(a) and 6 GDPR set general principles and conditions of49 KB (7,758 words) - 15:44, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9538748 (category Article 5(1)(f) GDPR)paragraph 5, of the Regulation applicable, pursuant to Articles 58, paragraph 2, letter i), and 83, paragraph 5, of the Regulation. 5. Adoption of the injunction24 KB (3,672 words) - 15:54, 6 December 2023
- APD/GBA (Belgium) - 39/2020 (category Article 5(1)(f) GDPR)obtained from them, as required under Article 14(1)(a) AVG and Article 14(2)(c)(e) and point (f) AVG; c. article 12 j° article 14 AVG, in view of the defendant62 KB (10,509 words) - 16:58, 12 December 2023
- AEPD (Spain) - PS/00059/2020 (category Article 28 GDPR)purposes in Article 73, sections j), k) and p) of the LOPDGDD, for violation of article 44 of the RGPD typified in accordance with article 83.5.c) of the287 KB (48,336 words) - 13:53, 13 December 2023
- EDPB - Binding Decision 5/2022 - 'Whatsapp' (category Article 5 GDPR)of an infringement of the Article 5(1)(a) GDPR principle of fairness, and infringements of the Article 5(1)(b) and (c) GDPR principles of purpose limitation289 KB (33,568 words) - 15:00, 1 February 2023
- AN - 578/2021 (category Article 5(1)(d) GDPR)infraction of art. 5.1.d) of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, typified in art. 83.5 of the aforementioned26 KB (4,277 words) - 09:18, 26 July 2021
- Datatilsynet (Norway) - 20/02172 (category Article 6(1)(f) GDPR)under Article 6(1)(f) GDPR. The DPA also requires that the company implement internal controls of their credit rating process as per Article 24 GDPR. The28 KB (4,155 words) - 18:57, 5 March 2022
- Garante per la protezione dei dati personali (Italy) - 9685922 (category Article 5(1)(f) GDPR)processing carried out is in violation of Article 5(1)(f) GDPR, Article 25(1) GDPR, Article 32 GDPR and Article 35 GDPR. Especially, the controller cannot exclude119 KB (19,123 words) - 11:29, 16 August 2022
- Commissioner (Cyprus) - 11.17.001.008.222 (category Article 83 GDPR)Moreover, following an infringement of Article 12(3) GDPR, as explained above, under the provisions of Article 83 of the GDPR, I take into account the following16 KB (2,438 words) - 09:07, 9 June 2023
- AZOP (Croatia) - Decision 13-03-2020 (category Article 15(1) GDPR)applied Article 83 (1) GDPR: the described conduct of the Bank resulted in a serious violation of the data subjects' rights - regulated by art. 83 (5) (b)6 KB (740 words) - 15:52, 30 October 2023
- AEPD (Spain) - PS/00028/2022 (category Article 5(1)(f) GDPR)hereinafter, LPACAP), for the alleged infringement of Article 6.1 of the GDPR, typified in Article 83.5 of the GDPR. FIFTH: Notified of the aforementioned start-up58 KB (9,301 words) - 12:39, 13 December 2023
- AEPD (Spain) - PS/00334/2020 (category Article 6(1) GDPR)(hereinafter, LPACAP), for the alleged violation of Article 6.1 of the RGPD, typified in Article 83.5 of the GDPR. FIFTH: Once the aforementioned commencement16 KB (2,328 words) - 14:30, 13 December 2023
- AEPD (Spain) - PS/00366/2019 (category Article 5(1)(d) GDPR)authorities an infringement of Article 5 (1) (d) GDPR? The AEPD agreed to impose a penalty for infringement of Article 5 (1) (d) for lack of accuracy in29 KB (4,583 words) - 14:32, 13 December 2023
- AEPD (Spain) - EXP202301529 (category Article 17 GDPR)considering that it has violated the provisions of Article 17 of the GDPR and Article 21 of the GDPR and urge GLOBAL CAPITAL GROUP SPAIN, S.L. with NIF20 KB (3,078 words) - 13:05, 13 December 2023
- AEPD (Spain) - PS/00198/2020 (category Article 6(1) GDPR)claimed byviolation of article 83.5.a) of the RGPD, it is essential to examine and assess whetherThe circumstances described in article 83.2 of the RGPD concur24 KB (3,769 words) - 14:10, 13 December 2023
- Commissioner (Cyprus) - 11.17.001.010.045 (category Article 5(1)(c) GDPR)that the article’s publication was in violation of Article 5(1)(c) GDPR, Article 6(1)(f) GDPR, when read in line with Article 85 GDPR. Article 5(1)(c) outlines74 KB (12,375 words) - 10:07, 4 October 2023
- AEPD (Spain) - PS/00326/2020 (category Article 37(1)(a) GDPR)issued under this article. " III Article 73 of the LOPDDG indicates: "Violations considered serious "Based on what is established in article 83.4 of Regulation14 KB (1,992 words) - 14:29, 13 December 2023
- AEPD (Spain) - PS/00003/2020 (category Article 83(5) GDPR)of Article 5.1.c) of the RGPD, typified in Article 83.5 of the RGPD, a fine of FIVE THOUSAND EUROS (€ 5,000). That, under the provisions of article 5850 KB (7,524 words) - 13:44, 13 December 2023
- CNIL (France) - SAN-2020-003 (category Article 5(1)(e) GDPR)principle, namely the breaches of articles 5-1-c), 5 -1 e), 13, 32 and 35-1 of the GDPR; no breach of Article 6 of the GDPR and of Directive 2002/58 / EC of the61 KB (10,028 words) - 17:09, 6 December 2023
- AEPD (Spain) - PS/00065/2020 (category Article 13 GDPR)required by Article 13 of the GDPR GDPR. The form used violated Article 13 of the GDPR conduct that is subsumi- ble under Article 83(5) of the GDPR, which provides:61 KB (9,973 words) - 13:55, 13 December 2023
- AEPD (Spain) - PS/00127/2020 (category Article 13 GDPR)information duty included in Article 13 GDPR. Is this a violation of Article 13 GDPR? The AEPD held that there had been a violation of Article 13. According to the35 KB (5,363 words) - 14:02, 13 December 2023
- AEPD (Spain) - PS/00028/2021 (category Article 5(1)(c) GDPR)(hereinafter, LPA- CAP), for the alleged violation of Article 5.1.c) of the RGPD, typified in Article 83.5 of the GDPR. SEVENTH: Once the aforementioned commencement25 KB (3,876 words) - 13:48, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 7285/183/18 (category Article 5(1)(a) GDPR)fairness of processing (Article 5(1)(a) GDPR), data minimisation (Article 5(1)(c) GDPR), and data protection by default (Article 25(2) GDPR). The DPA suggested73 KB (11,237 words) - 05:34, 21 July 2022
- AEPD (Spain) - PS/00040/2020 (category Article 15 GDPR)(hereinafter, LPACAP), for the alleged violation of article 15 of the RGPD, in accordance with article 83.5 b) of the RGPD. Against the initial agreement, no38 KB (6,303 words) - 13:50, 13 December 2023
- Datatilsynet (Norway) - 20/04401 (category Article 6(1) GDPR)violations of Article 6 of the Privacy Ordinance can lead to sanctions in the form of infringement fines of up to EUR 20 million, see Article 83 (5) of the Privacy40 KB (5,988 words) - 19:04, 5 March 2022
- NAIH (Hungary) - NAIH/2020/6484 (category Article 15(1)(a) GDPR)suspension. " Under Article 83 (2), (5) and (7) of the General Data Protection Regulation: administrative fines in accordance with Article 58 (2) (a) to (b)27 KB (4,159 words) - 10:13, 17 November 2023
- AEPD (Spain) - PS/00102/2020 (category Article 5(1)(f) GDPR)with NIF A95758389, for the alleged violation of article 5.1 f) of the RGPD,typified in article 83.5 a) of the RGPDSECOND: ORDER IBERDROLA CLIENTES, SAU21 KB (3,082 words) - 13:59, 13 December 2023
- APD/GBA (Belgium) - 141/2021 (category Article 38(6) GDPR)order that there is no violation of articles 5.1(c), 5.1(d), 5.1(e) and 5.1(f). Articles 5.1(c), (d) and (f), 5.2, 12, 16, 24, 25, 30.1, 31, 32, 38.3 and90 KB (14,937 words) - 12:35, 3 August 2022
- AEPD (Spain) - PS/00491/2020 (category Article 6(1) GDPR)violation of Article 13 GDPR and issued a warning to the controller. The AEPD took into account the following aggravating factors (Article 83 (2) GDPR) to determine19 KB (2,957 words) - 14:45, 13 December 2023
- DVI (Latvia) - SIA “Lursoft IT” (category Article 5(1)(a) GDPR)Liability Law, 9 Article 156, the second and third paragraphs of Article 157, the first paragraph of Article 166, Article 168, Article 262, Article 269, 1. to90 KB (14,351 words) - 16:10, 6 December 2023
- APD/GBA (Belgium) - 33/2020 (category Article 5 GDPR)by the defendant under Article 6(1) GDPR? Did the controller infringe the data minimisation principle under Article 5(1)(c) GDPR? Did the controller commit39 KB (6,551 words) - 16:56, 12 December 2023
- CNIL (France) - SAN-2020-015 (category Article 32(1) GDPR)private doctor for violating Article 32 GDPR by making his patients' health data freely accessible on the web, and Article 33 GDPR by not notifying the DPA29 KB (4,374 words) - 16:03, 19 January 2024
- HDPA (Greece) - 53/2022 (category Article 5(1)(a) GDPR)violation of article 13 of Regulation (EU) 2016/679, in accordance with article 58 par. 2 i' of the GDPR in combination with article 83 par. 5 of the GDPR. The50 KB (8,004 words) - 04:49, 14 December 2022
- AEPD (Spain) - PS/00141/2020 (category Article 6(1)(a) GDPR)Judiciales (JAVA). JAVA infringed Article 6(1)(a) GDPR by publishing illegal recordings on its website and also infringed Article 22(2) LSSI due to its cookie26 KB (4,150 words) - 14:05, 13 December 2023
- AEPD (Spain) - PS/00054/2020 (category Article 5(1)(c) GDPR)violation of article 5.1.c), typified in article 83.5 of the aforementioned rule, a sanction of APPEARANCE. SECOND: ORDER, under the provisions of article 58.237 KB (6,022 words) - 13:52, 13 December 2023
- AEPD (Spain) - PS/00335/2019 (category Article 6(1)(a) GDPR)subjects infringes Article 6 (1) (a) GDPR. The AEPD fined the data processor in an amount of 4,000 Euro for the violation of Article 6 (1) (a) GDPR. Since the21 KB (3,281 words) - 14:30, 13 December 2023
- AEPD (Spain) - PS/00268/2022 (category Article 5(1)(f) GDPR)infringement of Article 5.1.f) of the RGPD, Article 33 of the RGPD, Article 25 of the RGPD and Article 32 of the RGPD, typified in Article 83.5 of the RGPD63 KB (9,551 words) - 12:33, 13 December 2023
- AEPD (Spain) - EXP202202837 (category Article 83(2) GDPR)(Considering 40 GDPR), Article 6.1 of the GDPR is therefore applicable and not RD 1720/2007 used by the defendant. Thus, the aforementioned article 6.1 GDPR establishes58 KB (8,995 words) - 13:00, 13 December 2023
- Commissioner (Cyprus) - 11.17.001.010.007 (category Article 5(1)(c) GDPR)5(1)( c) or article 34(1) of the GDPR. Legal framework 8.1. Pursuant to Article 5(1)(c) of the GDPR “Personal Data shall be: … (c) adequate, relevant and20 KB (3,082 words) - 13:42, 31 January 2024
- AEPD (Spain) - PS/00187/2020 (category Article 5(1)(f) GDPR)the alleged violation of Article 32 of the RGPD, Article 5.1.f) of the RGPD, Article 25 of the RGPD, typified in Article 83.5 of the RGPD. FOURTH: On October51 KB (7,770 words) - 14:08, 13 December 2023
- APD/GBA (Belgium) - 37/2021 (category Article 5(1)(b) GDPR)principles of minimization and purpose limitation (Article 5(1)(c) and Article 5(1)(b) of the GDPR): The Belgian DPA considers that the indication of the45 KB (6,780 words) - 16:57, 12 December 2023
- AEPD (Spain) - EXP202105669 (category Article 5(1)(f) GDPR)violation of article 5.1.f) of the GDPR, typified in article 83.5 of the GDPR, a warning sanction and for a violation of article 32 of the GDPR, typified45 KB (6,998 words) - 12:58, 13 December 2023
- Datatilsynet (Norway) - 20/01896 (category Article 5(2) GDPR)the fee. 5.5. The amount of the infringement fee In determining the fee, the points in section 5.4 above shall be given weight, cf. Article 83 (2). The28 KB (4,387 words) - 18:58, 5 March 2022
- AEPD (Spain) - EXP202211953 (category Article 5(1)(a) GDPR)adequate information under Article 13 GDPR, and for the processing of personal data in a manner contrary to Article 5(1)(a) of the GDPR. A data subject submitted85 KB (13,042 words) - 12:42, 13 December 2023
- AEPD (Spain) - PS/00257/2020 (category Article 37 GDPR)handed down under this article." III Article 73 of the LOPDDG states Infringements considered serious: "In accordance with Article 83(4) of Regulation (EU)18 KB (2,737 words) - 14:23, 13 December 2023
- AEPD (Spain) - E/08210/2021 (category Article 4(22) GDPR)authority. Under Article 60 GDPR, the following DPAs were identified as “concerned supervisory authorities” under Article 4(22) GDPR: the Netherlands,29 KB (4,457 words) - 10:34, 13 December 2023
- ANSPDCP (Romania) - 04.03.2021 (category Article 5(1)(f) GDPR)infringement of Article 32 GDPR in conjunction with Article 5(1)(f) GDPR? The Romanian DPA (ANSPDCP) found that the controller violated Article 32 GDPR as they7 KB (1,035 words) - 15:19, 13 December 2023
- AEPD (Spain) - PS/00205/2021 (category Article 6(1) GDPR)with the provisions of the article 6.1. of the RGPD, which could lead to the commission of an infringement typified in article 83.5 of the RGPD, which provides28 KB (4,527 words) - 12:35, 13 December 2023
- AEPD (Spain) - PS/00234/2020 (category Article 7 GDPR)AEPD concluded that the defendant could have breached Article 13 GDPR, Article 7 GDPR and Article 22(2) LSSI: there was no identification of the data controller47 KB (7,368 words) - 14:21, 13 December 2023
- HDPA (Greece) - 12/2022 (category Article 5(1)(a) GDPR)lawfulness, fairness and transparency under Article 5(1)(a) GDPR, and the principle of accountability under Article 5(2) GDPR. Additionally, the HDPA held that the46 KB (7,390 words) - 08:07, 1 April 2022
- AEPD (Spain) - PS/00212/2019 (category Article 32 GDPR)typified in article 83.4 of the RGPD and is qualified as serious in article 73.1 g) of the LOPDPGDD for prescription purposes.III Article 58.Article 58.2 of17 KB (2,518 words) - 14:11, 13 December 2023
- AP (The Netherlands) - 4.02.2021 (category Article 8 GDPR)administrative fine Under Article 58, second paragraph, preamble below i, the AP is read in conjunction with Article 83 of the GDPR, authorized to impose an57 KB (8,053 words) - 17:07, 12 December 2023
- CNIL (France) - SAN-2023-025 (category Article 6(1)(a) GDPR)the data subjects, therefore breaching Article 6 GDPR, as well as Article 5(1)(b) GDPR. Thirdly, Article 30 GDPR stipulates that the controller must keep53 KB (8,418 words) - 11:21, 6 February 2024
- AEPD (Spain) - PS/00191/2020 (category Article 5(1)(c) GDPR)constitute a breach of Article 5(1)(c) GDPR? The AEPD held, that the actions of the defendant constitute an infringement of Article 5(1)(c) GDPR " Data Minimisation20 KB (2,973 words) - 14:09, 13 December 2023
- AP (The Netherlands) - 24.03.2020 (category Article 4(15) GDPR)volition investigation into CP&A's compliance with Article 9, as well as Article 32 GDPR. Since Article 9 GDPR prohibits the processing of special categories48 KB (7,461 words) - 17:04, 12 December 2023