Search results
From GDPRhub
- AP (The Netherlands) - 30.04.2020 (category Article 9(2)(b) GDPR)effect on someone'. No exception to prohibition For the use of fingerprints, 2 exceptions to the prohibition could be possible in this case: if explicit consent5 KB (600 words) - 17:12, 12 December 2023
- Garante per la protezione dei dati personali (Italy) - 9509515 (category Article 9(2)(b) GDPR)such processing to be legitimate on the basis of Article 9 (2) (B) GDPR in conjunction with Article 32 GDPR" (see note cited, p. 4) (see footnote cit., p33 KB (5,342 words) - 15:52, 6 December 2023
- AEPD (Spain) - PS/00128/2020 (category Article 9(2)(b) GDPR)P3002000B, for an infringement of article 13 of the RGPD, typified in article 83.5.b) of the RGPD, a warning sanction in accordance with article 77.2 of the39 KB (5,912 words) - 14:02, 13 December 2023
- Commissioner (Cyprus) - 11.17.001.008.042 (category Article 9(2) GDPR)An employer should explore the specific exceptions in Article 9(2)(b) GDPR to Article 9(2)(j) GDPR to lawfully process health-related data of employees4 KB (472 words) - 16:52, 6 December 2023
- Datatilsynet (Norway) - 21/01057 (category Article 57(1) GDPR)in Article 6 GDPR. If the information also includes sensitive data specified in Article 9(1) GDPR, there must be a basis for processing in Article 9(2)17 KB (2,399 words) - 16:20, 6 December 2023
- IP - 07120-1/2020/345 (category Article 9(2)(b) GDPR)personal health records? According to the IP, for the purposes of Article 9(2)(b) GDPR, employers are only entitled to process (ie obtain and store) general11 KB (1,695 words) - 11:11, 13 January 2021
- ICO (UK) - Processing of special category biometric data 04102022 (category Article 9(2)(b) GDPR)readers in its venues. Article 9(2)(b) does not cover processing purely to meet contractual employment rights or obligations. Article 9(2)(b) was not a legitimate10 KB (1,376 words) - 21:05, 7 July 2023
- Datatilsynet (Norway) - 20/01865 (category Article 58(2)(b) GDPR)processing might be based on Article 6(1)(f) GDPR (legitimate interest) and - regarding health data - on Article 9(2)b) GDPR (fulfilling obligations under19 KB (2,942 words) - 09:03, 14 September 2023
- PVN - PVN-2023-23 (category Article 9(2)(b) GDPR)regulation article 6 no. 1 letter c (legal obligation), article 6 no. 1 letter e (exercising public authority), as well as article 9 no. 2 letter b (fulfilling15 KB (2,181 words) - 09:31, 23 February 2024
- that a valid legal basis would be either Article 6(1)(c) GDPR, or Article 6(1)(d) GDPR or Article 9(2)(b) GDPR. The Data protection authority (the UOOU)25 KB (3,096 words) - 17:48, 25 November 2021
- LAG Berlin-Brandenburg - 10 Sa 2130/19 (category Article 9(2)(b) GDPR)rely on Article 9(2)(b) GDPR. The LArbG Berlin-Brandenburg also confirmed that the processing was not necessary in light of Article 9(2)(b) GDPR, and emphasised50 KB (8,194 words) - 12:05, 3 March 2022
- Persónuvernd - 2020010628 (category Article 9(2)(b) GDPR)first paragraph. Article 11 of the Act, cf. Paragraphs 1 and 2 Article 9 of the Regulation. According to point b of point 3. Article 3 of the Act, health24 KB (3,675 words) - 09:19, 28 October 2020
- Garante per la protezione dei dati personali (Italy) - 9776444 (category Article 9(2)(b) GDPR)based on Articles 6(c) and 9(2)(b). The school did not specify the source of the legal obligation under Article 6(1)(c) GDPR, nor the source of the obligations24 KB (3,752 words) - 11:47, 9 November 2022
- RvS - 202001651/1/A3 (category Article 9(2)(b) GDPR)with Article 9, second paragraph, under b, of the GDPR. The Division will therefore not go into this part of its argument. 4.2. Pursuant to Article 21,24 KB (3,778 words) - 09:22, 7 April 2021
- Garante per la protezione dei dati personali (Italy) - 9832838 (category Article 9(2)(b) GDPR)fairness (Article 5(1)(a) GDPR). Thus by not providing sufficient information, the controller breached Article 5(1)(a) GDPR and Article 13 GDPR. Additionally41 KB (6,619 words) - 13:06, 18 January 2023
- Article 6 GDPR (category GDPR Articles) (section Tension with Article 5 and 12 GDPR in case of routine reliance on Article 6(4) GDPR)issued its Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR with a detailed analysis of Article 6(1)(b) GDPR. General information108 KB (17,005 words) - 15:39, 18 March 2024
- Datatilsynet (Denmark) - 2021-31-4751 (category Article 9(2)(b) GDPR)has specifically been Article 6 (1) of the Data Protection Regulation. Article 9 (1) (f) and Article 9 (1) 2, letter f, as TV 2 has "transferred" personal105 KB (17,427 words) - 18:19, 16 February 2022
- LAG Düsseldorf - 12 Sa 186/19 (category Article 9 GDPR)/ Weichert / Sommer, EU-GDPR and BDSG, 2nd edition 2020, Art. 9 GDPR marginal 3).9 GDPR does not allow recourse to Art. 6 GDPR (Albers / Veit in Wolff120 KB (20,753 words) - 17:06, 7 March 2022
- consent under Article 6(4) GDPR and further processing for a compatible purpose under Article 6(4) GDPR. See the commentary on Article 6(4) GDPR for details51 KB (6,355 words) - 08:25, 18 April 2024
- application, see Article 3(2)(b) GDPR, or automated decision making, see Article 22 GDPR. Profiling also triggers information duties under Articles 13(2)(f) and125 KB (16,328 words) - 16:01, 8 March 2024
- Article 83 GDPR (category GDPR Articles) (section (6) Non-compliance with orders pursuant to Article 58(2) GDPR)flows by the SA pursuant to Article 58(2) GDPR or failure to provide access in violation of Article 58(1) GDPR. Article 83(6) GDPR is a superfluous provision55 KB (7,622 words) - 14:04, 7 November 2023
- Article 17 GDPR (category GDPR Articles) (section (ii) Erasure following objection under Article 21(2))provided for in Article 6(1)(a) GDPR or, as the case may be, Article 9(2)(a) GDPR, and consent is withdrawn according to Article 7(3) GDPR, data must be61 KB (8,488 words) - 15:47, 18 March 2024
- categories of data established in Article 9(2)(a) GDPR, Article 9(2)(c) GDPR, Article 9(2)(g) GDPR and Article 9(2)(i) GDPR directly correlate with a specific44 KB (5,905 words) - 14:00, 24 October 2023
- Article 13 GDPR (category GDPR Articles) (section (b) Contact details of the data protection officer)data are processed, in Article 9(2) GDPR. Where personal data relating to criminal matters are being processed under Article 10 GDPR (e.g. copy of the criminal71 KB (9,532 words) - 13:30, 6 March 2024
- AP (The Netherlands) - 24.03.2020 (category Article 9 GDPR)volition investigation into CP&A's compliance with Article 9, as well as Article 32 GDPR. Since Article 9 GDPR prohibits the processing of special categories48 KB (7,461 words) - 17:04, 12 December 2023
- Article 15 GDPR (category GDPR Articles) (section Additional information under Article 15(1)(a) to (h))categories. Similar to the ex-ante information in Article 13(2)(b) and 14(2)(c) GDPR, Article 15(1)(e) GDPR required to inform the data subject about the right73 KB (9,896 words) - 15:46, 18 March 2024
- Article 12 GDPR (category GDPR Articles) (section (2) Facilitation of the exercise of rights and identification)are dealt with in Article 12(6) GDPR. It is unclear why Article 12(2) GDPR refers to Articles 15 to 22 GDPR, while Article 11(2) GDPR only refers to Articles76 KB (11,304 words) - 08:37, 4 March 2024
- access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction (Article 18 GDPR), notification (Article 19 GDPR) or data46 KB (5,825 words) - 11:12, 7 November 2023
- Article 33 GDPR (category GDPR Articles) (section (2) Processor's notification in the event of a personal data breach)the controller under Article 33(2) GDPR." See, EDPB, Guidelines 9/2022 on personal data breach notification under GDPR (Version 2.0), 28 March 2023, p54 KB (6,536 words) - 08:22, 16 June 2023
- commentary on Article 13(2)(b) GDPR. Given the identical wording, see commentary on Article 13(2)(c) GDPR. Given the identical wording, see commentary on Article47 KB (5,644 words) - 17:49, 5 March 2024
- Article 32 GDPR (category GDPR Articles) (section (b) Ongoing confidentiality, integrity, availability and resilience of processing systems and services)Regulation (GDPR): A Commentary, Article 32 GDPR, p. 636 (Oxford University Press 2020). Jandt, in Kühling, Buchner, DS-GVO BDSG, Article 32 GDPR, margin number41 KB (5,197 words) - 12:17, 17 April 2024
- Article 34 GDPR (category GDPR Articles) (section (2) Minimal requirements of the controller's communication to the data subject)meaning Recital 86 GDPR). However, Article 34 GDPR does not provide a specific deadline of 72 hours as is the case in Article 33 GDPR. Instead, timelines37 KB (3,962 words) - 15:20, 16 June 2023
- must also be involved in the drafting of the DPIA under Article 35(2) GDPR and Article 39(1)(c) GDPR, and their advice should be recorded by the controller52 KB (7,297 words) - 08:05, 18 July 2023
- mechanism referred to in Article 63 GDPR (Article 28(8) GDPR). The Commission has made use of its power under Article 28(7) GDPR and published standard contractual72 KB (9,140 words) - 13:12, 2 June 2023
- categories of data under Article 9 GDPR or data relating to criminal convictions and offences under Article 10 GDPR. Article 37(2) GDPR allows for the designation43 KB (4,904 words) - 12:59, 21 July 2023
- Article 57 GDPR (category GDPR Articles) (section (a) Monitor and enforce the application of the GDPR)commentary to Article 60 GDPR, Article 61 GDPR, Article 62 GDPR, Article 63 GDPR, Article 64 GDPR, Article 65 GDPR, Article 66 GDPR and Article 56 GDPR. The SA60 KB (7,796 words) - 20:12, 1 April 2024
- Article 23 GDPR (category GDPR Articles) (section (a) National security, (b) Defense and (c) Public security)access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction of processing (Article 18 GDPR), notification obligation44 KB (4,896 words) - 06:25, 16 June 2023
- applicability of Article 49(1) GDPR, the documentation of suitable safeguards (Article 30(2)(c) GDPR). See commentary under Article 30(1)(e) GDPR. The processor's31 KB (3,327 words) - 15:31, 5 June 2023
- in paragraph 2 shall not be based on special categories of personal data referred to in Article 9(1), unless point (a) or (g) of Article 9(2) applies and31 KB (4,768 words) - 06:24, 16 June 2023
- Article 65 GDPR (category GDPR Articles) (section (b) Conflict of views on the lead supervisory authority (LSA))lead SA (“LSA”) (Article 65(1)(b) GDPR), and where a SA is not following an opinion of the EDPB (Article 6(1)(c) GDPR). Article 65(1)(a) GDPR addresses the33 KB (4,185 words) - 16:09, 2 November 2023
- Article 27 GDPR (category GDPR Articles) (section (a) Processing Which is Occasional and Does Not Include Data in the Sense of Articles 9 and 10 GDPR)data covered by Article 9 GDPR or Article 10 GDPR, and is unlikely to result in a risk to the rights and freedoms of natural persons, and (b) when the processing25 KB (2,418 words) - 14:11, 24 May 2023
- subject to processing, as described in Article 3(2)(a) and (b) GDPR. Common Misunderstanding: The application of the GDPR does in no way depend on the citizenship37 KB (4,635 words) - 13:29, 24 October 2023
- from Articles 13(2)(b) and 14(2)(c) GDPR. However, Article 21(4) GDPR specifies that the right to object under Article 21(1) and 21(2) GDPR (i.e. the right49 KB (5,993 words) - 06:22, 16 June 2023
- with the support of the EDPB in accordance with Article 70(1)(b) GDPR. According to Article 45(5) GDPR, the continued monitoring referred to in paragraph43 KB (5,641 words) - 14:58, 28 April 2022
- processing), Article 57 GDPR (tasks of SAs), Article 58 GDPR (powers of SAs), as well as Article 65 GDPR (dispute resolution by the board), Article 63 GDPR (consistency55 KB (7,446 words) - 22:28, 1 April 2024
- Article 18 GDPR (category GDPR Articles) (section (d) Objection to processing under Article 21(1) GDPR)contrast to Article 23(1)(e) GDPR, which sets out strict requirements for the Union or Member State's law restricting GDPR rights, Article 18(2) GDPR does not32 KB (3,730 words) - 08:43, 7 March 2024
- Article 7 GDPR (category GDPR Articles) (section (2) Consent request in the context of a written declaration concerning other matters)accountability in Article 5(2) GDPR, paragraph (2) specifies further requirements in the general principle of transparency under Article 5(1)(a) GDPR, paragraph31 KB (3,489 words) - 16:00, 8 March 2024
- Article 24 GDPR (category Article 24 GDPR) (section Shall implement appropriate technical and organisational measures to ensure GDPR compliance)(e.g. Article 25 (1) and (2), Article 28(1), Article 32(1) GDPR, Article 89(1) GDPR). These measures can also be regarded as measures under Article 24(1)30 KB (3,458 words) - 10:31, 25 April 2024
- standards in Article 43(9) for certification mechanisms is precisely to ensure uniformity of implementation. Furthermore, Article 43(9) GDPR also allows22 KB (1,634 words) - 14:40, 28 July 2023
- to in Article 61(6) GDPR. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 93(2) GDPR. → You24 KB (2,181 words) - 11:46, 15 January 2024
- Article 49 GDPR (category GDPR Articles) (section (b) Necessary for the performance of a contract between the data subject and the controller or the implementation of pre-contractual measures taken at the data subject's request)Regulation (GDPR): A Commentary, Article 49 GDPR, p. 846 (Oxford University Press 2020). EDPB, ‘Guidelines 2/2018 on derogations of Article 49 under Regulation29 KB (3,500 words) - 08:54, 27 March 2023
- Article 46 GDPR (category GDPR Articles) (section (b) Binding corporate rules in accordance with Article 47)access (Article 15 GDPR), rectification (Article 16 GDPR), deletion (Article 17 GDPR), restriction of processing (Article 18 GDPR), objection (Article 21 GDPR)34 KB (3,646 words) - 08:53, 27 March 2023
- Article 29 GDPR (category GDPR Articles) (section Commonalities and differences in relation to Article 28(3)(b) GDPR)relevance of Article 29 GDPR were rooted in the fact that Article 28(3)(b) GDPR already seems to cover much of the scope of Article 29 GDPR. More specifically13 KB (674 words) - 13:15, 2 June 2023
- elements in Article 2(1) are fulfilled, the GDPR applies unless the processing falls under one of the exemptions named in Article 2(2)(a) to (d) GDPR. The first34 KB (4,652 words) - 12:07, 12 November 2023
- from any of the GDPR’s protections. → You can find all related decisions in Category:Article 39 GDPR Just as Article 38 GDPR, Article 39 GDPR also shows similarities23 KB (2,165 words) - 15:10, 27 July 2023
- exercise on their behalf all rights foreseen under Articles 77 and 78 GDPR and Article 20 of L. 4624/2019. The mandate shall be given with a specific written23 KB (2,039 words) - 08:15, 25 April 2024
- liability and jurisdiction provisions (Articles 47(1)(b), 47(2)(d), 47(2)(e), 47(2)(g), 47(2)(i), 47(2)(l) GDPR); a duty for the EU BCR member to accept responsibility29 KB (2,823 words) - 15:15, 28 April 2022
- leeway exists only in cases of Article 64(2) GDPR but not the context of Article 70(2) GDPR. According to Article 70(3) GDPR, the EDPB is obligated to “forward27 KB (3,038 words) - 12:19, 11 October 2023
- on Article 36(4), it is still disputed whether the outcome of the procedure rather resembles that of Article 58(3)(a) GDPR or Article 58(3)(b) GDPR. See31 KB (3,646 words) - 08:51, 21 July 2023
- Garante per la protezione dei dati personali (Italy) (section Complaints Procedure under Art 77 GDPR)reference, see Article 143 of the Code). However, detailed time-limits can be found in Regolamento n. 2/2019 cited above. Under Article 154 of the Code7 KB (808 words) - 08:17, 16 February 2023
- Article 54 GDPR (category GDPR Articles) (section (b) Qualifications and eligibility conditions for SA members)Commentary. Article 54(1)(b) GDPR echoes Article 53(2) GDPR, which outlines the qualificatory and experiential requirements for SA members. However, unlike Article34 KB (3,649 words) - 13:19, 30 October 2023
- Article 97 GDPR (category Article 97 GDPR)years as per Article 45(3) GDPR, and subject to regular reporting, which Article 97(2) GDPR provides for. The third paragraph of Article 97 GDPR, obliges the16 KB (778 words) - 08:24, 19 October 2023
- Article 69 GDPR (category Article 69 GDPR) (section (2) The Board shall neither seek nor take instructions from any body)proposed amendments to the GDPR (pursuant to Article 70(1)(b) GDPR). Although not explicitly mentioned in Article 69(2) GDPR, the requirement that the Board18 KB (1,327 words) - 12:36, 14 December 2023
- Article 20 GDPR (category GDPR Articles) (section (2) Right to have personal data directly transmitted to another controller)pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1); and (b) the processing is carried40 KB (5,349 words) - 07:05, 1 June 2023
- Article 50 GDPR (category GDPR Articles)similar to the ones laid out by Article 50 GDPR. Article 50 GDPR is divided in two different parts: letters (a) and (b) aim for cooperation with other17 KB (1,142 words) - 15:41, 28 April 2022
- Article 41 GDPR (category GDPR Articles) (section (2) Criteria for accreditation from the competent supervisory authority)clear from the wording of Article 41(1) GDPR. Article 41(1) GDPR does not define accreditation. Nonetheless, Article 41(2) GDPR provides a criterion against30 KB (2,720 words) - 14:02, 28 July 2023
- requirements. Although Article 40(5) GDPR mentions that the competent DPA will be determined through the application of Article 55 GDPR, the GDPR does not provide44 KB (5,008 words) - 14:50, 28 July 2023
- Article 75 GDPR (category Article 75 GDPR) (section (2) Exclusive Performance of Tasks under the Instructions of the Chair)Protection Regulation (GDPR), Article 75 GDPR, p. 1105 (Oxford University Press 2020). Dix, in Kühling, Buchner, DS-GVO BDSG, Article 75 GDPR, margin number 620 KB (1,347 words) - 14:21, 17 October 2023
- a binding dispute resolution procedure in accordance with Article 65 GDPR. Article 64(2) GDPR allows any SA, the EDPB Chair or the Commission to request23 KB (2,079 words) - 16:07, 2 November 2023
- Regulation (GDPR), Article 76 GDPR, p. 1111-1112 (Oxford University Press 2020). Docksey, in Kuner et al., The EU General Data Protection Regulation (GDPR), Article15 KB (787 words) - 08:17, 19 October 2023
- Article 92 GDPR (category Article 92 GDPR) (section (2) Delegation of power under Article 12(8) and 43(8) GDPR)pursuant to Article 92(5) GDPR. Article 92(5) GDPR imposes a further condition for the delegation of power, in line with Article 290(2)(b) TFEU. A delegated19 KB (1,525 words) - 08:18, 19 October 2023
- Datatilsynet (Norway) - 20/01893 (category Article 9(2) GDPR)receiving disability pension, in breach of Article 5(1)(c), Article 5(1)(e), Article 6(1), and Article 9(2) GDPR. The Norwegian Public Service Pension Fund40 KB (5,895 words) - 15:30, 12 January 2022
- Article 93 GDPR (category Article 93 GDPR) (section (2) Examination procedure under Article 5 of Regulation (EU) No. 182/2011)unlike delegated acts made under Article 92 GDPR. Article 93(2) GDPR explicitly provides for the application of Article 5 of Regulation (EU) No 182/201117 KB (1,096 words) - 08:19, 19 October 2023
- (which are listed in Article 58 GDPR) to certain safeguards, which are listed in Section 115(5)-(9) of the Act. For instance, Section 115(9) requires that the18 KB (2,488 words) - 15:22, 14 December 2021
- Article 44 GDPR (category GDPR Articles)important to note that Article 13(1)(f) GDPR, Article 14(1)(f) GDPR, Article 15(1)(c) GDPR and Article 15(2) GDPR, make specific reference to transfers of personal21 KB (1,831 words) - 08:51, 27 March 2023
- Chair represents the Board (Article 68(2) GDPR) and is responsible for directing the work of the secretariat (Article 75(2) GDPR). Other specific responsibilities15 KB (808 words) - 09:44, 17 October 2023
- Article 78 GDPR (category GDPR Articles) (section (2) Right to judicial remedy against DPA inactivity)or infringes the GDPR or any other applicable laws, including national ones. See commentary under Article 77 GDPR. Article 78(1) GDPR establishes both30 KB (3,874 words) - 10:46, 7 December 2023
- Press 2020). Spiecker et al., GDPR Article-by-Article Commentary (2023), p 1090. Spiecker et al., GDPR Article-by-Article Commentary (2023), p 1090. CJEU22 KB (2,177 words) - 10:01, 19 March 2024
- Regulation (GDPR): A Commentary, Article 38 GDPR, p. 707 (Oxford University Press 2020). Bergt, in Kühling, Buchner, DS-GVO BDSG, Article 38 GDPR, margin number29 KB (2,951 words) - 14:19, 25 July 2023
- Article 55 GDPR (category GDPR Articles) (section (2) Exclusive competence regarding processing for compliance with a legal obligation or in the public interest)which would be competent under Article 55(1) GDPR, as provided in Article 56 GDPR in connection with Article 60 GDPR. For more information see commentary35 KB (3,971 words) - 21:34, 1 April 2024
- Article 91 GDPR (category Article 91 GDPR) (section Rules that are comprehensive and in line with the GDPR)Regulation (GDPR), Article 91 GDPR, p. 1263 (Oxford University Press 2020). Tosoni, in Kuner et al., The EU General Data Protection Regulation (GDPR), Article25 KB (2,482 words) - 10:04, 19 March 2024
- Article 53 GDPR (category GDPR Articles) (section (2) Qualification, experience and skills of the member(s))occupation. For example, Article 52(2) GDPR requires SA members to remain free from external influence and Article 52(3) GDPR entails a prohibition of29 KB (2,894 words) - 23:06, 1 April 2024
- of such processing (see Article 5(1)(b) GDPR), the requirement to have a legitimate basis laid down by law (see Article 6(1) GDPR), the right to access and48 KB (5,978 words) - 15:57, 1 February 2024
- laid down in Article 57 GDPR. The powers of SAs are both investigative and corrective, which are set out in Article 58 GDPR. Article 52(2) GDPR requires two47 KB (5,594 words) - 22:45, 1 April 2024
- Garante per la protezione dei dati personali (Italy) - 9995680 (category Article 9(2) GDPR)processing lack any applicable conditions found in Article 9(2) GDPR and was found in breach of Article 5(2) GDPR. Additionally, the Garante reiterated that the105 KB (16,849 words) - 11:58, 11 April 2024
- DSB (Austria) - 2021-0.586.257 (category Article 4(2) GDPR)website controller qualifies as controller (Article 4(7) GDPR) and Google LLC as processor (Article 4(8) GDPR) for data processing in connection with Google108 KB (17,097 words) - 13:52, 12 May 2023
- Article 95 GDPR (category Article 95 GDPR)situation, Article 95 GDPR will not be relevant, and the GDPR applies as normal. Notably, Recital 173 GDPR, which relates to Article 95 GDPR, omits reference20 KB (1,539 words) - 08:21, 19 October 2023
- Datatilsynet (Norway) - 20/02136 (category Article 3(2) GDPR) (section Special categories of data under Article 9 GDPR)trigger Article 9, irrespective of how the data is further processed by the data controllers the data was disclosed to. The exception under Article 9(2) is18 KB (2,375 words) - 16:17, 6 December 2023
- formation, meaning one president and five others elected members, pursuant to Article 9 of the Law "Informatique et Libertés". The CNIL's internal rules indicate8 KB (824 words) - 22:52, 27 February 2024
- dsb.gv.at/dam/jcr:ee7b155a-0a1f-4d00-98e9-902314c7022d/Datenschutzbericht%202022.pdf Report: Europe’s governments are failing the GDPR by Brave, page 6 -11 KB (1,468 words) - 13:27, 14 May 2023
- conduct under Article 83 GDPR should be excluded from penalties issued under Article 84 GDPR is debated. Whilst the wording of the GDPR is simply unclear19 KB (1,477 words) - 14:12, 7 November 2023
- GDPRhub style guide (section GDPR)Subparagraph (1)(b) therefore has to be written as #1b! Example: [[Article 6 GDPR#1b|Article 6(1)(b)]] becomes Article 6(1)(b) and links to Article 6, section17 KB (2,510 words) - 13:56, 24 April 2023
- EDPB - Binding Decision 3/2022 - 'Meta (Facebook)' (category Article 9 GDPR)the basis of Article 6(1)(b): “...there is a risk that the Draft Decision’s failure to establish Meta IE's infringement of Article 6(1)(b) GDPR, pursuant53 KB (8,413 words) - 14:10, 30 January 2023
- CJEU - C-252/21 - Meta Platforms and Others v Bundeskartellamt (category Article 9 GDPR)categories set out in Article 9(1) GDPR relate, the user does not 'manifestly make public', within the meaning of Article 9(2)(e) GDPR, the data relating8 KB (1,231 words) - 08:22, 6 July 2023
- Datatilsynet (Denmark) - 2020-431-0061 (Helsingor decision no. 3) (category Article 58(2)(f) GDPR)protection regulation's article 5, subsection 2, cf. Article 5, subsection 1, letter a, Article 24, cf. Article 28, subsection 1, Article 35, subsection 1, as117 KB (18,075 words) - 10:19, 12 September 2022
- IMY (Sweden) - DI-2020-11373 (category Article 44 GDPR)................... .....9 2.2.2 The Privacy Protection Authority's assessment...................................10 2.3 Tele2 is the personal data controller113 KB (12,773 words) - 15:20, 6 December 2023
- BVwG - W258 2217446-1 (category Article 9(2) GDPR)personal data under Article 9(1) GDPR. Their processing would require the data subjects' explicit consent under Article 9(2)(a) GDPR and § 151(4) GewO,79 KB (12,652 words) - 09:41, 10 September 2021
- Court of Appeal of Brussels - 2019/AR/1600 (category Article 13(2)(a) GDPR)violation of Article 6(1) GDPR; 2. Did not provide the complainant with enough information prior to the processing, in violation of Article 13 GDPR; 3. Processed60 KB (9,144 words) - 16:17, 22 March 2022
- CJEU - Joined Cases C‑26/22 and C‑64/22 - SCHUFA (category Article 6(1) GDPR)interests under Article 6(1)(f) GDPR. On the erasure obligations under Article 17 GDPR, the CJEU held that under Article 17(1)(d) GDPR SCHUFA will be under15 KB (2,180 words) - 08:23, 13 December 2023
- Protection Act 2019 sets exceptions in Article 9(1) GDPR, Article 15 GDPR, Article 16 GDPR, Article 18 GDPR and Article 21 GDPR for scientific or historical research10 KB (1,037 words) - 14:52, 10 July 2020
- AEPD (Spain) - EXP202105680 (category Article 9 GDPR)person.” Article 9.2 of the GDPR however means that: “Section 1 will not apply when one of the following circumstances occurs:” which cover article 9.2.a) to66 KB (10,558 words) - 13:14, 13 December 2023
- DSB (Austria) - D124.1177/0006-DSB/2019 (category Article 9(2)(j) GDPR) (section Article 17(1)(d) GDPR)cites Articles 5(1)(b) and (e), 9(2)(j), 89(1) GDPR and Section 7(1)(1) and (2)(1) GDPR. In particular, it follows from Article 9(2)(j) GDPR that the processing31 KB (4,648 words) - 13:56, 12 May 2023
- Tietosuojavaltuutetun toimisto (Finland) - 4680/182/18 (category Article 9(2)(a) GDPR)according to Article 9(2)(a) GDPR. On the basis of the information gathered, the DPA held that the controller had violated Article 9 GDPR. As a result49 KB (7,496 words) - 14:44, 24 January 2024
- AEPD (Spain) - PS/00240/2019 (category Article 5(1)(b) GDPR)given that Article 6(1), Article 5(1)(a), Article 5(1)(d), Article 5(1)(c), and Article 14 GDPR were infringed in connection to Article 5(1)(b), the AEPD602 KB (102,229 words) - 14:21, 13 December 2023
- How to add a new decision (section Add a GDPR Article)6(1)(a) GDPR for consent and Article 6(1) GDPR if there was no legal basis at all). If any other EU law was relied on, add the Article and name of the law and17 KB (2,638 words) - 11:18, 19 February 2024
- within the meaning of Art. 83(2)(b) GDPR. 69 In the opinion of the Senate, the review and deletion periods under section II.2.b) of the Rules of Conduct regarding51 KB (8,215 words) - 09:55, 13 May 2022
- IMY (Sweden) - DI-2020-11397 (category Article 44 GDPR)of personal data of data subjects guaranteed by Article 44 GDPR and consequently breached Article 44 GDPR. The DPA issued a fine of 300,000 SEK (approx.121 KB (13,722 words) - 15:16, 5 July 2023
- Datatilsynet (Denmark) - 2020-431-0061 (Helsingor decision no. 2) (category Article 5(2) GDPR)pursuant to Article 5(2) GDPR in conjunction with Article 5(1)(a) GDPR. Failure to demonstrate that processing is performed in accordance with the GDPR The DPA75 KB (11,733 words) - 16:33, 21 August 2022
- the context of the employment relationship. In application of Article 88 of the GDPR, Article 111 of the Code provides that such data shall be processed in6 KB (757 words) - 13:53, 16 August 2022
- Tietosuojavaltuutetun toimisto (Finland) - 7285/183/18 (category Article 5(1)(b) GDPR)General Data Protection Regulation Article 5(1)(a), (b) and (c). Article 7 Article 9 Article 25 paragraph 2 Article 58 Article 83 Data Protection Act Section73 KB (11,237 words) - 05:34, 21 July 2022
- CNIL (France) - SAN-2020-012 (category Article 4(7) GDPR)the fine, the criteria specified in the same article 83. 111. Article 83 of the GDPR, as referred to in Article 20, paragraph III, of the Data Protection93 KB (14,936 words) - 17:09, 6 December 2023
- CJEU - C-77/21 - Digi (category Article 5(1)(b) GDPR)regarding Articles 5(1)(b) GDPR and 5(1)(e) GDPR and held that national courts had to determine, using the factors of Article 6(4) GDPR, whether further processing49 KB (7,800 words) - 09:22, 5 January 2024
- LAG Hessen - 9 Sa 1431/19 (category Article 15(1) GDPR)purpose limitation in accordance with Article 5 Paragraph 1 Letter b GDPR (Paal/Pauly/Paal, 3rd edition 2021, GDPR Article 15 Rn. 24). The plaintiff has a right32 KB (5,093 words) - 16:07, 11 September 2022
- CNPD (Luxembourg) - Délibération n° 20FR/2021 (category Article 39(1)(b) GDPR)analyzes the criteria by Article 83.2 of the GDPR: - As to the nature and seriousness of the violation [article 83.2 a) of the GDPR], with regard to breaches66 KB (9,458 words) - 19:42, 4 September 2021
- HDPA (Greece) - 6/2020 (category Article 58(2)(b) GDPR)conferred on it by the provisions of Article 58 of the GDPR and Article 15 of Law 4624/2019. 2. As Article 5 of the GDPR defines the processing principles29 KB (4,557 words) - 15:33, 6 December 2023
- HDPA (Greece) - 20/2020 (category Article 2(2)(a) GDPR)Articles 5, 6 par. 1 point (e) and 9 par. 2 (g) GDPR 2016/679 and c) calls, pursuant to article 58 par.2 verse. d GDPR 2016/679, 401 General Military Hospital29 KB (4,578 words) - 15:35, 6 December 2023
- Hoge Raad - 21/00241 (category Article 6(1)(c) GDPR)referred to in Art. 17 GDPR and (b) that the person has no right of objection within the meaning of Art. 21 GDPR. 3.2.2 art. 21 para. 1 GDPR provides that a data29 KB (4,605 words) - 17:00, 15 December 2021
- CNPD (Portugal) - Deliberação 2022/1072 (category Article 9(1) GDPR)of paragraphs 1 and 2 and paragraph b) of paragraph 3, all of article 35, and paragraph a) of paragraph 4 of article 83, all GDPR, with a fine of up to163 KB (27,222 words) - 16:54, 6 December 2023
- OLG Dresden - 4 U 1905/21 (category Article 12(5)(b) GDPR)§ 8 clause 2 of the GTC agreed between the parties (according to § 8 b paragraph 2 MB/KK). 52 § 8 b para. 2 MB/KK violates §203 sentence 2 VVG and is therefore40 KB (6,325 words) - 16:12, 18 May 2022
- AEPD (Spain) - PS/00451/2019 (category Article 6(1)(f) GDPR)regard to article 83.2 (k) of the RGPD, the LOPDGDD, article 76, "Sanctions and corrective measures", provides: "2. In accordance with Article 83(2)(k) of26 KB (4,231 words) - 14:44, 13 December 2023
- AEPD (Spain) - EXP202206626 (category Article 5(1)(c) GDPR)300 euros (THREE HUNDRED euros). SECOND: ORDER D. B.B.B. that, pursuant to article 58.2 d) of the GDPR, in the Within ten business days, take the following35 KB (5,475 words) - 13:21, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 3216/452/17 (category Article 9(2)(a) GDPR)violated Article 5(1)(a) GDPR, Article 5(1)(c) GDPR, Article 9 GDPR and Article 25(2) GDPR. As a result, and in accordance with Article 58(2)(d) GDPR, the60 KB (9,117 words) - 14:46, 24 January 2024
- Garante per la protezione dei dati personali (Italy) - 9852214 (category Article 9 GDPR)in particular of children was in breach of Article 5, Article 6, Article 8, Article 9, and Article 25 GDPR. Consequently, the DPA urgently imposed upon36 KB (5,598 words) - 10:15, 8 February 2023
- VGH Baden-Württemberg - 1 S 397/19 (category Article 18(2) GDPR)force: "According to Article 16 sentence 1 GDPR, every data subject has the right to request the controller (see Article 4(7) GDPR) to correct incorrect112 KB (19,310 words) - 08:08, 23 June 2022
- APD/GBA (Belgium) - 21/2022 (category Article 5(1)(f) GDPR) (section Accountability (Article 24 GDPR), data protection by design and by default (Article 25 GDPR), integrity and confidentiality (Article 5(1)(f) GDPR), as well as security of processing (Article 32 GDPR))pursuant to Article 17(2) DPA Act. 9. Moreover, as regards the one-stop-shop mechanism, Article 56 GDPR states: "Without prejudice to Article 55, the supervisory429 KB (58,279 words) - 09:12, 2 November 2022
- AEPD (Spain) - EXP202105344 (category Article 6(1) GDPR)Agency RESOLVES: FIRST: IMPOSE B.B.B., with NIF ***NIF.1, for an infraction of article 6.1 of the RGPD, typified in article 83.5 of the RGPD, a fine of €1022 KB (3,319 words) - 13:00, 13 December 2023
- CNIL (France) - SAN-2022-019 (category Article 3(2) GDPR)did not react either. GDPR applicable? (Article 3(2) GDPR) The DPA held that the GDPR was applicable pursuant of Article 3(2) GDPR. Because the controller11 KB (1,452 words) - 17:03, 6 December 2023
- APD/GBA (Belgium) - 53/2020 (category Article 5(1)(b) GDPR)taken up again at Article 5.1(b) of the GDPR under the Principles for the Processing of Personal Data (Chapter II). 16. Article 5.1(b) of the GDMP provides35 KB (5,853 words) - 16:58, 12 December 2023
- AEPD (Spain) - E/10529/2021 (category Article 45 GDPR)section 2, letter b), of this article. The The implementing act shall be adopted in accordance with the examination procedure referred to in re article 93,44 KB (6,642 words) - 10:34, 13 December 2023
- APD/GBA (Belgium) - 31/2020 (category Article 5(1)(c) GDPR)infringement of Article 5.1 c) AVG has been proven. f)Transparent information (Article 5.1(a); Article 12.1. and Article 13.1. and 13.2. AVG) 43.The complainant48 KB (7,926 words) - 16:56, 12 December 2023
- CNIL (France) - SAN-2020-014 (category Article 9 GDPR)breach of Article 32 of the GDPR has occurred. B. On the failure to notify the data breach to the CNIL 32. Pursuant to Article 33 (1) of the GDPR, in the26 KB (4,050 words) - 17:10, 6 December 2023
- AEPD (Spain) - EXP202100764 (category Article 5(1)(f) GDPR)IMPOSE COMMUNITY OWNERS B.B.B., with NIF ***NIF.1, for a violation of Article 5.1.f) of the GDPR, typified in Article 83.5 of the GDPR, a fine of ONE THOUSAND34 KB (5,184 words) - 13:22, 13 December 2023
- IMY (Sweden) - DI-2020-11370 (category Article 44 GDPR)..................... .14 2.2.1 Applicable regulations, etc. ................................................... ...14 2.2.2 The Privacy Protection Authority's131 KB (14,752 words) - 08:36, 5 July 2023
- Datatilsynet (Norway) - 21/03530 (category Article 6(1)(b) GDPR)by the EDPB pursuant to Article 66(2) GDPR. Temporary ban on processing (order) Pursuant to Article 66(1) GDPR and 58(2)(f) GDPR the Norwegian DPA consequently99 KB (14,431 words) - 16:20, 6 December 2023
- BVwG - W214 2233132-1/13E (category Article 15(1)(c) GDPR)under Article 77 GDPR was very clear and limited in scope. However, the DSB went on to assert a violation of Article 12 GDPR and Article 15(1)(h) GDPR, acting47 KB (7,519 words) - 09:28, 13 February 2024
- Garante per la protezione dei dati personali (Italy) - 9860529 (category Article 9 GDPR)right to privacy. Health data are sensitive data covered by Article 9 GDPR. According to Article 137 of the Italian Data Protection Code, health data can16 KB (2,354 words) - 15:45, 6 December 2023
- CNPD (Portugal) - Deliberação 2021/533 (category Article 9 GDPR)2016 (General Data Protection Regulation - GDPR), in conjunction with Article 3, Article 4(2) and Article 6(1)(b), all of which are applicable to the processing30 KB (4,708 words) - 16:56, 6 December 2023
- VK Baden-Württemberg - 1 VK 23/22 (category Article 44 GDPR)within the meaning of Article 4 no. 2 of the GDPR and the term "transfer" within the meaning of Article 44 et seq. of the GDPR. GDPR had to be differentiated62 KB (10,113 words) - 12:48, 17 August 2022
- APD/GBA (Belgium) - 06/2019 (category Article 58(2)(i) GDPR)c), Article 6.1., Article 13.1. c), Article 13.1. c), Article 13.1. e) and Article 13.2. a) of the DGPS pursuant to Article 101 of the ICA, to impose20 KB (3,137 words) - 16:51, 12 December 2023
- APD/GBA (Belgium) - 37/2020 (category Article 17 GDPR)provided for in Article 56(1), read in conjunction with Article 56(2), read in conjunction with Article 56(3), read in conjunction with Article 56(4), read131 KB (22,429 words) - 16:57, 12 December 2023
- OLG Nürnberg - 8 U 2907/21 (category Article 12(5)(b) GDPR)right to access under Article 15 GDPR because the controller was entitled to reject the request pursuant to Article 12(5)(b) GDPR. The court reasoned that24 KB (3,847 words) - 15:19, 11 September 2022
- BVwG - W245 2252208-1/36E and W245 2252221-1/30E (category Article 46(2)(c) GDPR)(VWA ./05, see point II.2), the XXXX (VWA ./06, see point II.2) and a certificate of representation (VWA ./07, see point II.2). I.2. As a result, the BA continued158 KB (26,392 words) - 08:25, 7 June 2023
- IMY (Sweden) - DI-2020-11368 (category Article 44 GDPR)...................... .11 2.2.1 Applicable regulations, etc. ................................................ ...11 2.2.2 The Privacy Protection Authority's115 KB (12,842 words) - 08:38, 5 July 2023
- AEPD (Spain) - EXP202203617 (category Article 5(1)(c) GDPR)RESOLVES: FIRST: IMPOSE B.B.B., with NIF ***NIF.1, for a violation of Article 6 of the GDPR, typified in Article 83.5.a) of the GDPR, and classified as very74 KB (11,726 words) - 13:02, 13 December 2023
- APD/GBA (Belgium) - 02/2021 (category Article 6 GDPR)d'un accord conformément à l'article 9, paragraphe 2, point b) ; et b) le traitement est effectué par des moyens automatisés. 2. Dans l'exercice de son droit96 KB (15,396 words) - 16:50, 12 December 2023
- CJEU - C-667/21 - Krankenversicherung Nordrhein (category Article 9(2)(h) GDPR)processing of data concerning health laid down in Article 9(1) GDPR is possible under Article 9(2)(h) GDPR) in a case such as the present one, are there further14 KB (1,916 words) - 16:03, 2 February 2024
- HDPA (Greece) - 56/2021 (category Article 13 GDPR)and with Article 21(5) of the GDPR, and with Article 21(2)(a) of the GDPR. 1(b) of Law No. 2472/1997, in conjunction with Article 13 par. 4 of Law No. 3471/200654 KB (8,916 words) - 15:22, 22 February 2022
- HDPA (Greece) - 31/2023 (category Article 5(1)(c) GDPR)with the principles of article 5 par. 1 GDPR. It is no coincidence that the GDPR includes accountability (see Article 5 para. 2 GDPR) in the regulation of61 KB (10,257 words) - 10:15, 1 November 2023
- AEPD (Spain) - EXP202210525 (category Article 6(1) GDPR)according to article 4.1 of the GDPR, is data personnel and their protection, therefore, is the subject of said Regulation. In article 4.2 of the GDPR defines22 KB (3,427 words) - 13:26, 13 December 2023
- AEPD (Spain) - EXP202205104 (category Article 6(1) GDPR)of personal data of clients or third parties (article 83.2.k, of the GDPR in relation to article 76.2.b, of the LOPDGDD). The Judgment of the National26 KB (4,147 words) - 13:27, 13 December 2023
- VG Wiesbaden - 6 K 788/20.WI (category Article 4(4) GDPR)decision within the meaning of Article 22(1) and Article 22(2) GDPR - then the opening clause of Article 22(2)(b) GDPR does not apply to national rules52 KB (8,534 words) - 12:58, 15 December 2021
- LG Köln - 33 O 376/22 (category Article 6(1)(b) GDPR)conjunction with § 307 para. 1 sentence 2 BGB. The plaintiff bases claim 1.c. on § 2 para. 1, para. 2 p. 1 no. 11 b) UKlaG in conjunction with. § 25 para66 KB (9,990 words) - 12:30, 29 January 2024
- the following: Article 66 GDPR gives the possibility for a procedure of urgency and from this article (and Article 66 and Article 62 GDPR), the European25 KB (3,812 words) - 10:03, 20 August 2021
- HDPA (Greece) - 57/2021 (category Article 13 GDPR)pre-existing form of Article 11 of Law 3471/2006). However, with the provisions of article 16 par. 1 and 2 of law 3917/2011, par. 1 and 2 of article 11 of law 3471/200645 KB (7,165 words) - 15:22, 22 February 2022
- CJEU - T‑200/21 JS v European Data Protection Supervisor (EDPS) (category Article 17 GDPR)right to erasure (“right to be forgotten”) of Article 17 GDPR and Article 19 of Regulation 2018/1725. Under GDPR, such prolonged and unrestricted data retention61 KB (9,971 words) - 14:28, 4 January 2024
- HDPA (Greece) - 18/2020 (category Article 5(2) GDPR)compliance and accountability with the principles of Article 5(1) and par.2 in conjunction with Article 6(1) GDPR. B. imposes on NEW YORK COLLEGE S.A. the effective12 KB (1,733 words) - 15:34, 6 December 2023
- AEPD (Spain) - EXP202202164 (category Article 5(1) GDPR)portability of the data c) when the processing is based on Article 6(1)(a) or Article 9, paragraph 2, letter a), the existence of the right to withdraw consent29 KB (4,482 words) - 14:06, 5 March 2024
- AEPD (Spain) - EXP202201746 (category Article 5(1)(f) GDPR)these facts: one for the violation of article 5.1.f) RGPD, and another for article 32 GDPR. x Article 58.2 of the GDPR provides the following: “Each supervisory62 KB (9,703 words) - 13:05, 13 December 2023
- AEPD (Spain) - EXP202203969 (category Article 6(1) GDPR)personal data", circumstance provided for in article 76.2.b) LOPDGDD in connection with article 83.2.k) GDPR. The business activity of the defendant necessarily45 KB (7,135 words) - 13:08, 13 December 2023
- AEPD (Spain) - EXP202102430 (category Article 58(2)(d) GDPR)in the article 57.1 and the powers granted in article 58.1 of the Regulation (EU) C/ Jorge Juan, 6 www.aepd.es 28001 – Madrid sedeagpd.gob.es 2/12 2016/67933 KB (4,835 words) - 13:26, 13 December 2023
- AEPD (Spain) - PS/00001/2021 (category Article 5(2) GDPR)for the violation of Article 5(1)(f) GDPR and Article 5(2) GDPR. The AEPD considered that the fine was proportional, since the GDPR establishes that fines270 KB (43,335 words) - 12:39, 13 December 2023
- Datatilsynet (Norway) - 20/02375 (category Article 6(1)(f) GDPR)rating, breaching Article 6(1) GDPR, and required the company to implement a policy for conducting credit ratings per Article 24 GDPR. A person lodged a40 KB (5,943 words) - 18:54, 5 March 2022
- AEPD (Spain) - EXP202206735 (category Article 6 GDPR)according to article 4.1 of the GDPR, is data personnel and their protection, therefore, is the subject of said Regulation. In article 4.2 of the GDPR defines75 KB (12,421 words) - 13:23, 13 December 2023
- APD/GBA (Belgium) - 81/2020 (category Article 5(2) GDPR)period allotted to it to do so (Article 15.1 combined with Article 12.3. of GDPR as well as Article 12.2. of the GDPR (obligation to facilitate the exercise127 KB (21,484 words) - 17:01, 12 December 2023
- AEPD (Spain) - EXP202205932 (category Article 6(1) GDPR)third parties (article 83.2.k, of the C/ Jorge Juan, 6 www.aepd.es 28001 – Madrid sedeagpd.gob.es 10/11 RGPD in relation to article 76.2.b, of the LOPDGDD)32 KB (4,952 words) - 13:11, 13 December 2023
- AEPD (Spain) - EXP202209001 (category Article 83(5)(b) GDPR)SECOND: NOTIFY this resolution to B.B.B.. THIRD: ORDER to B.B.B., with NIF ***NIF.1, which by virtue of article 58.2.d) of the RGPD, within a period of22 KB (3,303 words) - 13:28, 13 December 2023
- HDPA (Greece) - 11/2024 (category Article 17 GDPR)the GDPR does not apply established by the GDPR and, therefore, in accordance with the provisions of articles 55 para. 1, 2 para. 1 and 3 para. 2 GDPR36 KB (5,761 words) - 17:19, 22 April 2024
- LG Magdeburg - 9 O 1571/20 (category Article 6(1) GDPR)that under Article 82 (1) and (2) GDPR, any person who has suffered material or non-material damage as a result of a violation of the GDPR is entitled27 KB (4,216 words) - 13:26, 8 January 2024
- AEPD (Spain) - EXP202209511 (category Article 6(1) GDPR)IMPOSE B.B.B., with NIF ***NIF.1, for a violation of Article 6.1 and another of article 13 of the RGPD, typified in Article 83.5 letters a) and b) of the22 KB (3,257 words) - 13:28, 13 December 2023
- APD/GBA (Belgium) - 149/2023 (category Article 13(2) GDPR)of article 4.19 of the GDPR – (article 13.1. c) of the GDPR) and does not mention the data retention periods personal data processed (article 13.2. a)113 KB (17,325 words) - 08:50, 19 March 2024
- DSB (Austria) - 2021-0.347.702 (category Article 9(2)(f) GDPR)or by a third party. The court used Article 9(2)(f) GDPR to interpret legitimate interests under Article 6(1)(f) GDPR as including the establishment, exercise25 KB (3,875 words) - 10:36, 11 January 2024
- BVwG - W211 2225136-1 (category Article 5 GDPR)otherwise processed. (b) the data subject withdraws the consent on which the processing was based pursuant to Article 6(1)(a) or Article 9(2)(a) and there is39 KB (6,244 words) - 09:40, 10 September 2021
- AP (The Netherlands) - 26.11.2020 (category Article 32(1) GDPR)that the letter in question referred to Article 58(1)(a) of the GDPR and Article 5:16 in conjunction with Article 5:17 of the Awb does not make this any67 KB (11,415 words) - 17:15, 12 December 2023
- EDPB - Binding Decision 4/2022 - 'Meta (Instagram)' (category Article 9 GDPR)the basis of Article 6(1)(b): “...there is a risk that the Draft Decision’s failure to establish Meta IE's infringement of Article 6(1)(b) GDPR, pursuant468 KB (51,340 words) - 14:10, 30 January 2023
- AEPD (Spain) - PS/00117/2022 (category Article 9 GDPR)Agency sanction B.B.B., with NIF ***NIF.1, for a violation of article 6 of the RGPD, typified in article 83.5 of the RGPD, with a fine of €2,000 (two thousand30 KB (4,623 words) - 12:58, 13 December 2023
- AEPD (Spain) - EXP202205353 (category Article 5(1)(f) GDPR)the alleged violation of article 5.1.f) of the GDPR and article 32 of the GDPR, typified in article 83.5 and 83.4 of the GDPR. The initiation agreement22 KB (3,386 words) - 16:05, 13 December 2023
- Personvernnemnda (Norway) - 2021-18 (20/02059) (category Article 5(1)(d) GDPR)specific categories of information in Article 8 (1) and (5) of Directive 95/46 or in Article 9 (1), Article 10 (1) and Article 10 of Regulation 2016/679, the36 KB (5,859 words) - 06:40, 6 July 2022
- BlnBDI (Berlin) - 02.08.2023 (category Article 9(2) GDPR)controller unlawfully processed special categories of data in violation of Article 9(2) GDPR, including health data. The DPA also ruled out that the contract between6 KB (786 words) - 16:35, 12 December 2023
- BVerfG - 1 BvR 16/13 (category Article 17 GDPR)situation (see Article 9 DSRL 95/46/EC, Article 85 DSGVO - so-called media privilege; see above, marginal no. 11 f.). The reference in Article 9 of the DSRL133 KB (21,944 words) - 15:59, 22 March 2022
- HDPA (Greece) - 38/2020 (category Article 4(7) GDPR)conjunction with article 21 par. 1 verse b of Law 2472/1997 and the article of 84 Law 4624/2019, the administrative penalty mentioned in the operative part14 KB (2,070 words) - 15:38, 6 December 2023
- CNIL (France) - 2023-097 (category Article 9(2)(j) GDPR)the public interest, per Article 6(1)(e) GDPR, and was also necessary for scientific research purposes under Article 9(2)(j) GDPR. Thirdly, that the data18 KB (2,536 words) - 17:11, 6 December 2023
- NAIH (Hungary) - NAIH-2020-2546-5 (category Article 9(1) GDPR)out in Article 6 (1) of the GDPR In addition, there is a circumstance within the meaning of Article 9 (2) of the GDPR. (45) Article 9 (2) of the GDPR does72 KB (11,159 words) - 10:09, 17 November 2023
- HDPA (Greece) - 37/2020 (category Article 4(7) GDPR)conjunction with article 21 par. 1 verse b of Law 2472/1997 and the article of 84 Law 4624/2019, the administrative sanction, referred to in the operative14 KB (2,127 words) - 15:37, 6 December 2023
- AEPD (Spain) - EXP202301529 (category Article 17 GDPR)processed; b) the interested party withdraws the consent on which the treatment is based in accordance with Article 6(1)(a) or Article 9(2)(a) and this20 KB (3,078 words) - 13:05, 13 December 2023
- CNIL (France) - SAN-2019-010 (category Article 21(2) GDPR)investigations the CNIL found five breaches of the GDPR: - Violation of the right to object, Article 21(2) GDPR: no procedure was implemented to ensure effectively62 KB (10,001 words) - 17:09, 6 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 128/182/19 (category Article 9(1) GDPR)considered appropriate in accordance with Article 31(1)(b) GDPR and Article 32(2) GDPR. Pursuant to Article 58(2)(d) GDPR, the DPA ordered the controller to identify17 KB (2,339 words) - 13:39, 12 January 2024
- APD/GBA (Belgium) - 72/2020 (category Article 9(2) GDPR)lawfulness (section 2.2 below) and purpose (section 2.3 below). Finally, it will address the issue of the sanction (section 2.4 below) 2.1 Applicable Law34 KB (5,677 words) - 17:00, 12 December 2023
- Garante per la protezione dei dati personali (Italy) - 9544504 (category Article 9 GDPR)(d) and (f), 9 and 32(1)(b) GDPR.” Pursuant to Article 58(2)(i), the DPA hence imposed an administrative fine as per Article 83(4) and (5) GDPR. Given that10 KB (1,206 words) - 15:54, 6 December 2023
- EDPB - Binding Decision 5/2022 - 'Whatsapp' (category Article 9 GDPR)basis of Article 6(1)(b) GDPR: “...there is a risk that the Draft Decision’s failure to establish Whatsapp IE's infringement of Article 6(1)(b) GDPR, pursuant289 KB (33,568 words) - 15:00, 1 February 2023
- Rb. Noord-Holland - C/15/311101 / HA RK 20-227 (category Article 17(3)(b) GDPR)the exception in Article 7.3.9(2) of the Youth Act is not applicable until the 20 years have elapsed. The exception in Article 7.3.9(2) of the Youth Act22 KB (3,333 words) - 13:22, 2 June 2021
- AEPD (Spain) - EXP202204530 (category Article 83(5)(b) GDPR)Agency RESOLVES: FIRST: IMPOSE B.B.B., with NIF ***NIF.1, for a violation of article 6.1 of the RGPD, typified in article 83.5.b) of the RGPD, a fine of €1026 KB (3,971 words) - 13:26, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 13FR/2023 (category Article 5(1)(b) GDPR)employees. The DPA found a violation of Article 5(1)(b) GDPR, Article 5(1)(c) GDPR and Article 13 GDPR. Following a visit to the premises of two public bodies (the96 KB (13,984 words) - 16:57, 6 December 2023
- HDPA (Greece) - 9/2024 (category Article 5(1)(a) GDPR)cases G.B.6 (11 days delay in applying the Registry), G.B.8 (6 days), G.B.9 (3 days including a weekend), G.B.10 (4 days including a weekend) and G.B.11 (5102 KB (17,186 words) - 13:46, 26 April 2024
- IMY (Sweden) - DI-2021-4355 (category Article 58(2)(b) GDPR)categories of personal data pursuant to Article 9(1) of the GDPR, unless any of the exceptions set out under Article 9(2) is applicable to the processing. These28 KB (3,101 words) - 09:49, 7 June 2023
- AEPD (Spain) - PS/00043/2020 (category Article 13 GDPR)specified period - article 58. 2 d) -. According to the provisions of article 83.2 of the RGPD, the measure provided for in article 58.2 d) of the aforementioned24 KB (3,838 words) - 13:51, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 6689/186/20 (category Article 5(1) GDPR)section 6 (2) of the Data Protection Act.n as a safeguard in accordance with subsection 2.n as a safeguard in accordance with subsection 2. 15. According41 KB (6,555 words) - 08:37, 4 March 2024
- CNIL (France) - SAN-2023-0076 (category Article 9(2)(j) GDPR)instance, the controller sought to rely upon Article 6(1)(e) GDPR and Article 9(2)(j) GDPR. Article 6(1)(e) GDPR establishes a lawful basis for the processing19 KB (2,826 words) - 17:01, 6 December 2023
- AEPD (Spain) - PS/00220/2020 (category Article 83(2)(b) GDPR)significant negligent action (Article 83(2)(b) GDPR) and that basic personal identifiers were affected (Article 83(2)(g) GDPR). The economic volume of the28 KB (4,295 words) - 14:11, 13 December 2023
- AEPD (Spain) - EXP202105644 (category Article 5(1)(f) GDPR)following criteria established by article 83.2 of the RGPD, considering as aggravating circumstance according to article 76.2 b) LOPDGDD, the relationship of27 KB (4,121 words) - 15:06, 13 December 2023
- AEPD (Spain) - EXP202200439 (category Article 9 GDPR)constitutes sensitive data within the meaning of Article 9 GDPR. The DPA alluded to Article 9(1) GDPR which prohibits the processing of these special categories36 KB (5,608 words) - 13:01, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 5546/163/2019 (category Article 58(2)(b) GDPR)could not be considered appropriate in accordance with Article 32(1) GDPR and Article 32(2) GDPR regarding the online appointment booking system. As a result25 KB (3,734 words) - 19:37, 27 March 2024
- HDPA (Greece) - 3/2022 (category Article 58(2)(f) GDPR)the meaning of Article 4(7) GDPR. Furthermore, the erasure or destruction of personal data is a form of processing based on Article 4(2) GDPR. The DPA has11 KB (1,492 words) - 13:09, 23 November 2022
- AEPD (Spain) - PS/00232/2020 (category Article 6(1)(b) GDPR)" Regarding section k) of article 83.2 of the RGPD, the LOPDGDD, article 76, "Sanctions and corrective measures", provides: "2. In accordance with the provisions29 KB (4,386 words) - 14:20, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - TSV/26/2020 (category Article 58(2)(b) GDPR)violated Article 5(1)(e) GDPR and Article 25(2) GDPR. As a result, the DPA issued a reprimand to the controller in accordance with Article 58(2)(b) GDPR. Pursuant77 KB (12,352 words) - 07:20, 23 April 2024
- Garante per la protezione dei dati personali (Italy) - 9451734 (category Article 9(2) GDPR)paragraph 2 and paragraph 3, letter b) of the Regulation; 9, paragraphs 1, 2, 4, of the Regulation, Articles 2-ter, paragraphs 1 and 3 and 2-septies, paragraph24 KB (3,697 words) - 15:52, 6 December 2023
- UODO (Poland) - DKN.5131.6.2020 (category Article 34(2) GDPR)as Article 57 (1) (a), Article 58 (2) (e) and (i), Article 83 (1) - (3) and Article 83 (4) (a) in connection with Article 33 (1) and Article 34 (1), (2)66 KB (10,785 words) - 10:00, 17 November 2023
- Personvernnemnda (Norway) - 2018-14 (15/01355) (category Article 9(2)(a) GDPR)that the Medical List does today, cf. GDPR Article 4, No. 11, Article 6 No. 1 letter a, Article 7 and Article 9 No. 2 letter a If current practice is invalid144 KB (23,058 words) - 18:48, 5 March 2022
- VG Mainz - 1 K 584/19.MZ (category Article 9(1) GDPR)street. The DPA was allowed to issue a reprimand, Art. 58(2)(b) GDPR. On the basis of Art. 58(2)(f) GDPR, the DPA was not entitled to order the removal of camera58 KB (9,665 words) - 08:51, 25 November 2020
- AEPD (Spain) - PS/00070/2019 (category Article 5(1)(b) GDPR)referred to Article 5(1)(a) (principle of lawfulness, fairness and transparency), Article 12(1), Article 7, Article 13 and Article 14 GDPR, the corresponding422 KB (70,184 words) - 13:56, 13 December 2023
- BVwG - W258 2227269-1/14E (category Article 5(1)(b) GDPR)violating Article 5(1) GDPR Article 6 (1) GDPR Article 6(4) GDPR Article 9 GDPR Article 14 GDPR Article 30 GDPR Article 35 GDPR and Article 36 GDPR. The fine47 KB (7,345 words) - 09:41, 10 September 2021
- BVwG - W211 2210458-1/10 (category Article 2(1) GDPR)2019, BVwerG 6 C 2.18 "It follows that the opening clauses of Article 6.2 and 6.3 GDPR for processing operations under Article 6.1(1)(e) GDPR do not cover92 KB (15,435 words) - 16:00, 22 March 2022
- Datatilsynet (Norway) - 20/02191 (category Article 9(1) GDPR)processing special categories of data, cf. Article 32(1)(b) GDPR, Article 32(1)(d), Article 24 and Article 35, cf. Article 5. In May 2019, a municipality reported38 KB (5,967 words) - 11:48, 7 May 2022
- Datatilsynet (Norway) - 20/01790 (category Article 5(1)(a) GDPR)the Personal Data Act and the Privacy Ordinance, cf. section 2 and Article 2 of the Ordinance 2. The Personal Data Act and the Privacy Ordinance are coming49 KB (7,646 words) - 07:56, 7 March 2022
- AEPD (Spain) - EXP202201247 (category Article 58(2) GDPR)Ms. B.B.B. November 8, 2018 – D. D.D.D. (Brother of the claimant) send by mail the income 2017 (model100) from Ms. B.B.B.. November 9, 2018, 9:00.17 KB (2,350 words) - 13:17, 13 December 2023
- HDPA (Greece) - 33/2020 (category Article 4(7) GDPR)presenting the principles of data processing of Article 5(1) GDPR, underlined that, based on Article 5(2) GDPR, it is the data processor's responsibility to20 KB (2,270 words) - 15:37, 6 December 2023
- Commissioner (Cyprus) - 11.17.001.007.220 (category Article 35(9) GDPR)issued on 9/4/2014 by the Working Group of Article 29 on data protection, (b) the Opinion of the Article 29 Working Party on GATT entitled "Opinion 2/2017 on56 KB (8,913 words) - 16:52, 6 December 2023
- HDPA (Greece) - 50/2022 (category Article 5(1)(b) GDPR)limitation under Article 5(1)(a) of the GDPR. 1(b) and the obligation (principle) of accountability under Article 5(1)(b). 2 of the GDPR, that is to say19 KB (2,790 words) - 15:32, 6 December 2023
- EDPB - Binding Decision 2/2022 - 'Instagram' (category Article 6(1)(b) GDPR)the performance of a contract (Article 6(1)(b) GDPR) and for legitimate interest (Article 6(1)(f) GDPR). Article 6(1)(b) GDPR In its original draft decision276 KB (38,206 words) - 09:46, 20 January 2023
- APD/GBA (Belgium) - 138/2022 (category Article 5(1)(b) GDPR)an infringement of Article 5 (1) a), b) and c) and (2) of the GDPR and Article 24 (1) of the GDPR; and - an infringement of article 8 of the law of 2143 KB (6,274 words) - 08:57, 29 June 2023
- BVwG - W176 2244407-1/18E (category Article 15(4) GDPR)in Article 23 GDPR. Restrictions on the right to information under Art. 15 GDPR result in particular from the express provision in Art. 15 (4) GDPR that48 KB (7,816 words) - 11:04, 29 July 2022
- AEPD (Spain) - PS/00245/2019 (category Article 9(1) GDPR)Articles 5(1)(a) GDPR and 13 GDPR. On the other hand, they disagreed with the infringement of Article 5(1)(a) GDPR in relation to Article 9(1) GDPR with regard116 KB (18,941 words) - 14:21, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9542071 (category Article 9 GDPR)therefore lawful [also in the light of] Article 6(f) of the Regulation" (p. 21) - as regards the infringement of Article 9(2)(b) of the Regulation "it is clear25 KB (3,961 words) - 15:54, 6 December 2023
- Court of Appeal of Brussels - 2022/AR/556 (category Article 9(2)(i) GDPR)Articles 5.1.a, 5.1.b, 6.1.c), 6.3, 9.2.i), 12.1, 13.1.c), 13.2.a), 13.2.d), 13.2.e), 30.1.a) and 30.1.d), 35.1 and 35.7 of the GDPR 9. The applicant further83 KB (13,694 words) - 09:53, 14 December 2023
- AEPD (Spain) - PS/00090/2020 (category Article 58(2) GDPR)for the infringement of article 58.1 of the RGPD, typified in art. 83. 5 e) of the aforementioned RGPD. SECOND: To appoint B.B.B. as instructor and C.C16 KB (2,462 words) - 13:58, 13 December 2023
- APDCAT (Catalonia) - PS 49/2019 (category Article 9 GDPR)out by the school). Article 9 GDPR, for having processed biometric data without any valid ground from Article 9(2). Article 13 GDPR, for not having informed38 KB (5,760 words) - 08:26, 8 September 2021
- OLG Naumburg - 9 U 6/19 (category Article 9(2)(a) GDPR)there is no explicit consent by the customers as requested under Article 9(2)(a) GDPR and an implied consent cannot fulfill the provision’s requirement32 KB (5,236 words) - 16:00, 10 March 2022
- AEPD (Spain) - PS/00484/2020 (category Article 6(1)(a) GDPR)for the alleged violation of article 6.1. GDPR typified in article 83.5.a) of the aforementioned RGPD. 1. APPOINT D. B.B.B. as instructor. and as secretary27 KB (4,189 words) - 14:44, 13 December 2023
- HDPA (Greece) - 2/2023 (category Article 58(2)(b) GDPR)protected by article 5 par. 1 item a) GDPR, in conjunction with Article 13 GDPR and b) directs a reprimand, according to article 58 par. 2 b) GDPR, to the complained31 KB (5,021 words) - 16:15, 18 July 2023
- CNPD (Portugal) - Deliberação 2021/1569 (category Article 9(1) GDPR)under Article 5 (1)(e)GDPR, the duty to provide information under Article 13 GDPR, and the obligation to carry out a DPIA under Article 35(3)(b) GDPR. The11 KB (1,491 words) - 16:54, 6 December 2023
- DPC (Ireland) - Meta Platforms Ireland Limited (Facebook) - IN-18-5-5 (category Article 9 GDPR)of Article 6(1)(b) GDPR, and to bring its processing into compliance with Article 6(1) GDPR. Furthermore, pursuant to Articles 58(2)(i) and 83 GDPR, and21 KB (3,005 words) - 14:16, 1 February 2023
- AEPD (Spain) - PS/00148/2019 (category Article 9 GDPR)A., and B.B.B., with the aim of capturing and recording the acts of a sexual nature, carried out on the "complainant", described in section "B" of the48 KB (7,550 words) - 14:05, 13 December 2023
- DPC (Ireland) - Meta Platforms Ireland Limited (Instagram) - IN-18-5-7 (category Article 9 GDPR)of Article 6(1)(b) GDPR, and to bring its processing into compliance with Article 6(1) GDPR. Furthermore, pursuant to Articles 58(2)(i) and 83 GDPR, and21 KB (3,069 words) - 14:17, 1 February 2023
- BAG - 9 AZR 383/19 (category Article 38(3) GDPR)3 Sentence 2 GDPR is in accordance and whether there is a conflict of interest within the meaning of. Article 38 Paragraph 6 Sentence 2 GDPR applies if40 KB (6,019 words) - 14:13, 28 November 2023
- CNPD (Luxembourg) - Délibération n° 24FR/2022 (category Article 13(2)(b) GDPR)mandatory by article 13.2.a) of the GDPR. 2.2 Regarding the exercise of their rights by the persons concerned 67 53. In the context of objective 2, the head82 KB (11,472 words) - 16:58, 6 December 2023
- AEPD (Spain) - PS/00100/2020 (category Article 13 GDPR)to the storage of data; (c) where the processing is based on Article 6(1)(a) or Article 9(2)(a), the existence of the right to withdraw consent at any time27 KB (4,296 words) - 13:59, 13 December 2023
- HDPA (Greece) - 7/2023 (category Article 15 GDPR)data Article 9.2.a: Express consent Article 9.2.b: Fulfillment of labor law obligations, etc. Article 9.2.c: Protection of vital interests Article 9.2.d:9 KB (1,251 words) - 12:15, 8 May 2023
- AEPD (Spain) - PS/00348/2020 (category Article 83(2)(b) GDPR)/ Company that hires" section: o NIF: *** NIF.2 o Name: B.B.B. o Surname: B.B.B. In the "Change of Holder" section: o Name and surname former owner: the38 KB (5,648 words) - 14:31, 13 December 2023
- AEPD (Spain) - PS/00127/2020 (category Article 13 GDPR)employer we must look for it in article 9 and 6 of the RGPD. Article 9 of the RGPD establishes in its sections 1 and 2.b) the following: "one. The processing35 KB (5,363 words) - 14:02, 13 December 2023
- CNPD (Portugal) - Deliberação 984/2018 (category Article 32(1)(b) GDPR)the combined provisions of article 32, paragraph 1, subparagraphs b) and d) and article 83, paragraph 4, al.a), of the GDPR, with a fine of € 0.00 to €40 KB (5,935 words) - 16:55, 6 December 2023
- AEPD (Spain) - PS/00188/2019 (category Article 5(1)(f) GDPR)***EMAIL.1 and the tenants are Mr. B.B.B. and Ms. C.C.C., with an e-mail address for notification purposes ***EMAIL.2 FOURTH: On 07/02/19, the Subdirectorate39 KB (6,623 words) - 14:08, 13 December 2023
- HDPA (Greece) - 51/2021 (category Article 22 GDPR)data Article 9.2.a: Explicit consent Article 9.2.b: Execution of labor law obligations etc. Article 9.2.c: Protection of vital interests Article 9.2.d: Edit9 KB (1,168 words) - 15:30, 6 December 2023
- means, as defined by the concept of 'processing of personal data' in Article 2 (b) of Directive 95 / 46 is the collection and transmission of personal65 KB (9,767 words) - 16:22, 6 December 2023
- AEPD (Spain) - PS/00085/2021 (category Article 6(1)(a) GDPR)serious negligent action (article 83.2 b). Basic personal identifiers are affected (name, surname, mobile phone number) (article 83.2 g). The evident link between28 KB (4,350 words) - 13:57, 13 December 2023
- AEPD (Spain) - PS/00031/2020 (category Article 21 GDPR)aforementioned Law LGT.2, NAME B.B.B. as instructor and C.C.C. as secretary, indicating that any of them may be challenged, if appropriate, in accordance with15 KB (2,411 words) - 13:49, 13 December 2023
- Tribunal da Relação de Coimbra - 4354/19.7T8CBR-A.C2 (category Article 9(2)(f) GDPR)right to privacy, namely, personal data that are protected by Article 9(1) and 9(2)(f) of the GDPR (i.e. union dues, insurance and alimony payments and absences30 KB (4,858 words) - 09:58, 6 October 2021
- Gerechtshof Amsterdam - 200.258.736/01 (category Article 15 GDPR)files, of estate [estate 2] , [estate 1] , [address 1] , [name of house] ( [address 2] at [place B] ) and the pasture at [place B] and the accompanying guidance41 KB (7,150 words) - 12:30, 4 October 2021
- AEPD (Spain) - PS/00475/2019 (category Article 17 GDPR)established by article 83.2 of the RGPD:As aggravating the following:We are facing unintentional, but significant negligent action(article 83.2 b)Basic personal23 KB (3,481 words) - 14:42, 13 December 2023
- OGH - 6Ob56/21k (request for preliminary ruling under Article 267 TFEU) (category Article 9(2) GDPR)requirements of Article 6(1)(a) in conjunction with Article 7 GDPR, which cannot be superseded by relying on Article 6(1)(b) GDPR? Is Article 5(1)(c) GDPR (data122 KB (20,253 words) - 08:17, 19 August 2021
- UODO (Poland) - ZSPU.421.3.2019 (category Article 5(2) GDPR)and Article 57(1)(a), Article 58(2)(d) and (i) in connection with Article 5(1)(a), (e) and (f) and (2), Article 24(1) and (2), Article 28, Article 30(1)(d)58 KB (9,357 words) - 10:02, 17 November 2023
- OVG Sachsen-Anhalt - 1 M 49/23 (category Article 53(1) GDPR)this regulation in accordance with Article 57 (1) (a) GDPR and which has the powers in accordance with Article 58 GDPR. For this reason alone, there was14 KB (1,999 words) - 14:20, 18 July 2023
- AEPD (Spain) - PS/00356/2020 (category Article 6(1) GDPR)for the alleged violation of article 6 of the RGPD typified in article 83.5.a) of the aforementioned RGPD. 2. APPOINT D. B.B.B. as instructor. and as secretary26 KB (3,848 words) - 14:31, 13 December 2023
- AEPD (Spain) - E/01090/2021 (category Article 4(9) GDPR)representation in all proceedings, and that “El 9 June 2020, Wallner receives a call from lawyer B.B.B., from the IMF firm ABOGADOS Y ECONOMISTAS S.L.17 KB (2,544 words) - 13:39, 13 December 2023
- AKI (Estonia) - 18.02.2022 (category Article 5(1) GDPR)issues a reprimand under Article 58(2)(b) GDPR. After this, the DPA draws attention to the fact that pursuant of Article 5(1)(a) GDPR, data must be processed42 KB (5,838 words) - 10:27, 13 December 2023
- CE - N° 429571 (category Article 6(1)(b) GDPR) (section On the CNIL's competence to interpret Article 6 GDPR)personal data (Article 9 GDPR)? Does the data controller have a legitimate interest to process credit card data of recurring purchasers under Article 6(1)(f)19 KB (2,790 words) - 09:50, 10 September 2021
- AEPD (Spain) - PS/00135/2021 (category Article 6(1) GDPR)sedeagpd.gob.es 10/14 claimed (article 83.2. a) of the RGPD). - The intentionality or negligence of the infringement (article 83.2. B) of the RGPD). - Basic personal30 KB (4,631 words) - 13:00, 13 December 2023
- AEPD (Spain) - PS/00214/2022 (category Article 9(2) GDPR)Law", which is a requirement of Article 9(2)(j) GDPR. Therefore, the controller could not rely on Article 9(2)(j) GDPR for its processing. Third, the DPA131 KB (20,916 words) - 12:38, 13 December 2023
- NAIH (Hungary) - NAIH/2020/974/4 (category Article 5(2) GDPR)Pursuant to Article 2 (2), the General Data Protection Regulation shall apply with the additions indicated therein. Pursuant to Article 2 (2) of the General67 KB (10,815 words) - 10:11, 17 November 2023
- BVwG - W256 2240235-1 (category Article 9(2)(f) GDPR)the BVwG held that the DSB failed to take into account Article 6(1)(e) and Article 9(2)(f) GDPR in their legal assessment but merely held that § 1 DSG33 KB (5,154 words) - 11:08, 21 January 2022
- Garante per la protezione dei dati personali (Italy) - 9779057 (category Article 9 GDPR)personal data, even without references to names. Moreover, (2) it included health data (Article 4(15) GDPR) as the newsletters were send to patients of the respected63 KB (9,916 words) - 11:28, 16 August 2022
- OLG Stuttgart - 9 U 34/21 (category Article 82 GDPR)data breach (Article 32 GDPR). Does the plaintiff have a right to compensation according to Article 82(1) GDPR and does Article 82(3) GDPR stipulate a reversal60 KB (10,254 words) - 11:22, 22 December 2021
- AEPD (Spain) - TD/00034/2020 (category Article 9(2)(h) GDPR)processed; b) the data subject withdraws the consent on the basis of which the processing was carried out in accordance with Article 6(1)(a) or Article 9(2)(a)17 KB (2,730 words) - 14:50, 13 December 2023
- AEPD (Spain) - PS/00205/2021 (category Article 6(1) GDPR)authority, are established in article 58.2 of the RGPD. Between they have the power to direct a warning -article 58.2 b) -, the Power to impose an administrative28 KB (4,527 words) - 12:35, 13 December 2023
- APD/GBA (Belgium) - 34/2020 (category Article 5(1)(b) GDPR)GDPR and Article 66.2 WOG); and • compliance with the transparency obligations (Article 12 GDPR) and the te provide information (Article 13 GDPR). Page82 KB (13,250 words) - 16:57, 12 December 2023
- CNPD (Luxembourg) - Délibération n° 38FR/2021 (category Article 38(2) GDPR)concluded that the controller had breached Article 39(1)(b) GDPR. Regarding the breach of Article 38(2) GDPR, the CNPD found that controller had failed81 KB (11,895 words) - 16:58, 6 December 2023
- AEPD (Spain) - PS/00219/2019 (category Article 5(1)(d) GDPR)Administrator of D. B.B.B., the company has not changed their legal representatives. FOUNDATIONS OF LAW I By virtue of the powers that article 58.2 of the RGPD37 KB (5,785 words) - 14:11, 13 December 2023
- APD/GBA (Belgium) - 55/2021 (category Article 13(1)(b) GDPR)application of Article 17.3.b, the complainant cannot invokea reason provided for in article 17.1 or 17.2 for requesting the erasure of data concerning him.b) The81 KB (13,211 words) - 16:59, 12 December 2023
- AEPD (Spain) - PS/00368/2020 (category Article 21 GDPR)company, Iberdrola Clientes, S.A.U for infringing Article 21 GDPR, Article 48(1)(b) LGT, and Article 23(4) LOPDGDD. The initial proposed fine was €1000021 KB (3,137 words) - 14:33, 13 December 2023
- AEPD (Spain) - PS/00405/2019 (category Article 6(1) GDPR)significant (Article 83(2)(b) GDPR). - basic personal identifiers were affected (name, identification number, the line identifier) (Article 83(2)(g) GDPR). The24 KB (3,887 words) - 14:34, 13 December 2023
- AEPD (Spain) - PS/00341/2020 (category Article 5 GDPR)principles are found under Article 5(1)(a) and Article 5(2) GDPR respectively]. The Spanish DPA even made reference to Recital 40 GDPR on the legality of processing32 KB (4,831 words) - 14:31, 13 December 2023
- AEPD (Spain) - PS/00502/2020 (category Article 21 GDPR)registered on the Robinson List in breach of Article 48(1)(b) LGT and Article 21 GDPR in conjunction with Article 23(4) LOPDGDD. Avilon Center SL made an voluntary23 KB (3,590 words) - 14:45, 13 December 2023
- AEPD (Spain) - PS/00254/2019 (category Article 58(2) GDPR)infringement of Article 32.1 of the GDPR typified as a serious infringement in Article 73 f) of the LOPDGDD and in Article 83.4 of the GDPR. For its part39 KB (6,341 words) - 14:23, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 3831/161/21 (category Article 58(2)(b) GDPR)Finnish DPA found a retail chain to have breached Article 5(1)(e) GDPR, Article 25(1) GDPR and Article 25(2) GDPR for its lengthy storage of purchase behaviour61 KB (9,477 words) - 13:38, 12 January 2024
- APD/GBA (Belgium) - 37/2021 (category Article 5(1)(b) GDPR)condition of necessity is maintained under Article 6.1 b) to f) of the GDPR. The article 6.1 of the GDPR replaces Article 7 of the Directive, without the relevant45 KB (6,780 words) - 16:57, 12 December 2023
- AEPD (Spain) - PS/00008/2020 (category Article 6(1) GDPR)sedeagpd.gob.es Page 9 9/14 or indirectly, through the infraction. ” Regarding section k) of article 83.2 of the RGPD, the LOPDGDD, article 76, " Sanctions27 KB (4,408 words) - 13:45, 13 December 2023
- Supreme Administrative Court (Portugal) - 0856/20.0BELRA (category Article 4(1) GDPR)the duty of confidentiality - contained in paragraph e) of paragraph 2 of Article 64, that states that the National Tax Number and home address associated6 KB (657 words) - 10:02, 6 October 2021
- AEPD (Spain) - PS/00054/2021 (category Article 32(1) GDPR)of article 32.1 of the RGPD, typified in article 83.4.a) of the aforementioned RGPD. C / Jorge Juan, 6 www.aepd.es 28001 - Madrid sedeagpd.gob.es 2/9 FIFTH:27 KB (3,993 words) - 13:52, 13 December 2023
- Personvernnemnda (Norway) - 2021-03 (category Article 5(2) GDPR)Ordinance Article 6 No. 1 letter f, for failure to assess protests, cf. Article 21, and for lack of information, cf. Article 13. 2. Pursuant to Article 58 (2)25 KB (4,046 words) - 18:37, 5 March 2022
- NAIH (Hungary) - NAIH/2020/1154/9 (category Article 6(1)(f) GDPR)(2) (f) and Article 14 (2) (g), Article 14 (1) andArticle 15 (1) (h) and Article 21 (1)infringement of Article 18 (1) (a) and (d).order the restriction192 KB (30,170 words) - 10:11, 17 November 2023
- DSB (Austria) - 2020-0.303.727 (category Article 85(2) GDPR)that Section 9 (1) GDPR contains a restriction to a certain professional group (“classic media companies”), although Article 85 (2) GDPR does not include21 KB (3,266 words) - 13:51, 12 May 2023
- AEPD (Spain) - PS/00029/2020 (category Article 58(2)(b) GDPR)under Article 58(2)(b) GDPR. The Authority ordered the Health Service to carry out a DPIA and bring its processing operations in line with the GDPR within44 KB (6,943 words) - 13:49, 13 December 2023
- AEPD (Spain) - PS/00278/2020 (category Article 5(1)(a) GDPR)conversation and the phone number -E.E.E.-Can you prove that you are B.B.B. , answer Well look for B.B.B. that I am I. C / Jorge Juan, 6 www.aepd.es 28001 - Madrid28 KB (4,592 words) - 14:25, 13 December 2023
- VGH München – 11 ZB 19.991 (category Article 5(1)(b) GDPR)also be subject to the provisions of Article 6.1(e) DSGVO in conjunction with Article 6.1(b) DSGVO. Article 2, 28.2 no. 2 BayDSG without the consent of the31 KB (5,184 words) - 17:19, 15 April 2023
- Datatilsynet (Norway) - 20/01879 (category Article 32(1)(b) GDPR)highly sensitive personal data exposed, thus breaching Article 32(1)(b) GDPR and Article 32(2), cf. Article 24. An employee in a municipal health care center30 KB (4,302 words) - 18:53, 5 March 2022
- AEPD (Spain) - PS/00452/2019 (category Article 6(1)(a) GDPR)paragraph k) of Article 83.2 of the RGPD, the LOPDGDD, Article 76, "Sanctions and corrective measures", it provides: "In accordance with Article 83(2)(k) of Regulation25 KB (4,037 words) - 14:55, 13 December 2023
- IMY (Sweden) - DI-2020-10561 (category Article 12(3) GDPR)intervention Article 58 (2) (i) and Article 83 (2) state that the IMY has the power to impose administrative penalty fees in accordance with Article 83. the17 KB (1,940 words) - 15:23, 6 December 2023
- Court of Appeal of Brussels - 2020/AR/813 (category Article 13(1)(b) GDPR)Therefore the controller violated Article 5(1)(a) and (2), Article 6(1), Article 12(1), Article 13(1)(b) and (c) GDPR. The DPA imposed a fine of €50.00085 KB (12,340 words) - 15:30, 19 August 2022
- Datatilsynet (Norway) - 20/01949 (category Article 6(2) GDPR)DPIA cf. Article 35 - clearly inform students cf. Article 12 that a) it's voluntary to participate in the survey cf. Article 13(2)(f), and b) that their49 KB (7,572 words) - 16:14, 6 December 2023
- AP (The Netherlands) - 10.12.2020 (Booking.com) (category Article 33(1) GDPR)accordance with Article 60 of the AVG. No objections to this were submitted. 2. Legal Framework 2.1 Scope of the AVG Pursuant to Article 2(1) of the AVG77 KB (12,915 words) - 17:15, 12 December 2023
- AEPD (Spain) - PS/00050/2020 (category Article 5(1)(a) GDPR)APERCIBIMENTO to B.B.B., with NIF *** NIF.1, for the alleged violation of article 5.1.a) of the RGPD, in accordance with Article 83.5.a) and 58.2.b) and d) of31 KB (5,083 words) - 13:51, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 8493/161/21 (category Article 58(2)(b) GDPR)the controller had violated Article 5(1)(a) GDPR, Article 12 GDPR, Article 13 GDPR, Article 15 GDPR and Article 25(1) GDPR. As a result, the DPA issued52 KB (7,936 words) - 22:32, 2 March 2024
- AEPD (Spain) - PS/00190/2020 (category Article 5(1)(f) GDPR)violation of article 5.1.f) of the RGPD, typified in article 83.5 of the GDPR. C / Jorge Juan, 6 www.aepd.es 28001 - Madrid sedeagpd.gob.es 2/5 FOURTH: On14 KB (2,143 words) - 14:09, 13 December 2023
- AEPD (Spain) - PS/00026/2021 (category Article 21 GDPR)processor, Vamavi Phone SL, had violated Article 48(1) LGT, Article 21 GDPR in link with Article 23 LOPDGDD and Article 28 GDPR by making a commercial call on behalf33 KB (5,185 words) - 13:48, 13 December 2023
- restrictions of this right arise from Para. 2 leg. cit., but not from Art. 6 Para. 1 or 9 (2) GDPR. However, the GDPR and in particular the principles enshrined33 KB (5,254 words) - 13:33, 12 May 2023
- AEPD (Spain) - PS/00060/2020 (category Article 58(2) GDPR)for the alleged infringement of article 58.2 of the RGPD, typified in article 83.5 e) of the RGPD. 1. NAME D. B.B.B. as instructor and Dña. C.C.C. as23 KB (3,695 words) - 13:53, 13 December 2023
- APD/GBA (Belgium) - 38/2021 (category Article 5 GDPR)consent of the 10 complainant (article 6.1 a) of the GDPR combined with article 7 of the GDPR), (2) article 6.1 c) of the GDPR in that the publication results73 KB (11,604 words) - 16:57, 12 December 2023
- AEPD (Spain) - PS/00192/2022 (category Article 83(2)(b) GDPR)health, culture, and emotional state. This combined with the fact that Article 4(2) GDPR includes "transmission" and "dissemination" in the definition of processing15 KB (2,257 words) - 13:02, 13 December 2023
- DVI (Latvia) - SIA "TET" (redirect from DVI (Latvia) - Decision of 9 September 2022) (category Article 5(1)(b) GDPR)violation of Article 5(1)(a), (b), (d) and (e) GDPR. Furthermore, there was no legal basis for these processing operations under Article 6(1) GDPR. The DPA114 KB (17,942 words) - 15:46, 2 November 2022
- AEPD (Spain) - PS/00303/2020 (category Article 6(1) GDPR)negligence in the offense (article 83.2 b). - Basic personal identifiers are affected (name, data bank, the line identifier) (article 83.2 g). That is why it is29 KB (4,480 words) - 14:27, 13 December 2023
- GHAL - 200.256.387 (category Article 6(2) GDPR)virtue of Article 17(3)(b) GDPR. Indeed, it further is justified that the task carried out in the public interest under Article 6(1)(e) GDPR does not constitute27 KB (4,289 words) - 07:57, 7 March 2022
- AEPD (Spain) - EXP202200367 (category Article 5(1)(a) GDPR)sedeagpd.gob.es 17/28 ANNEX 0 A.A.A. (hereinafter claimant 1). B.B.B. (hereinafter claimant 2). C.C.C. (hereinafter claimant 3). D.D.D. (hereinafter claimant57 KB (8,117 words) - 10:35, 13 December 2023
- AEPD (Spain) - PS/00308/2020 (category Article 5(1)(a) GDPR)of personal data of clients or third parties (article 83.2.k, of the RGPD in relation to article 76.2.b, of the LOPDGDD) Therefore, based on the foregoing25 KB (4,016 words) - 14:27, 13 December 2023
- AEPD (Spain) - PS/00322/2020 (category Article 58(2)(b) GDPR)the GDPR, pursuant to Articles 58(2)(b) and (d) respectively. For the violation of Article 5(1)(f), it issued a fine of €10000, pursuant to Article 58(2)(i)26 KB (3,840 words) - 14:28, 13 December 2023
- HDPA (Greece) - Opinion 2/2020 (category Article 35(1) GDPR)of Article 6(1)(e) GDPR -public interest and exercise of official authority vested in it, which falls within the exception of Article 9(2)(j) GDPR. It33 KB (5,266 words) - 15:32, 6 December 2023
- Commissioner (Cyprus) - 11.17.001.010.007 (category Article 58(2)(b) GDPR)intention to infringe either article 5(1)( c) or article 34(1) of the GDPR. Legal framework 8.1. Pursuant to Article 5(1)(c) of the GDPR “Personal Data shall be:20 KB (3,082 words) - 13:42, 31 January 2024
- APD/GBA (Belgium) - 03/2021 (category Article 5(1)(b) GDPR)policies regulating this, they failed to comply to Article 24(1) and (2) GDPR and Article 25(1) and (2) GDPR. No fine was imposed, but a reprimand and clear32 KB (4,880 words) - 16:50, 12 December 2023
- AEPD (Spain) - PS/00009/2020 (category Article 6(1) GDPR)or negligence in the infringement (article 83.2 b).Basic personal identifiers (name, surname,address) (article 83.2 g).C / Jorge Juan, 6www.aepd.es2800127 KB (4,150 words) - 13:45, 13 December 2023
- AEPD (Spain) - PS/00335/2020 (category Article 5(1)(f) GDPR)neither to the claimant, nor to Mr. B.B.B. Likewise, a search of all the SMS sent by the system in the file of Mr. B.B.B. and the only phone number that appears34 KB (5,427 words) - 14:30, 13 December 2023
- AEPD (Spain) - PS/00068/2020 (category Article 6(1) GDPR)or negligence of the offense (article 83.2 b).-Basic personal identifiers (name, surname, NIF) are affected(article 83.2 g).That is why it is considered27 KB (4,106 words) - 13:55, 13 December 2023
- AEPD (Spain) - PS/00051/2020 (category Article 6(1)(a) GDPR)otherwise treated;b) the interested party withdraws the consent on which the treatment ofin accordance with Article 6 (1) (a) or Article 9 (2) (a), andit is31 KB (4,853 words) - 13:52, 13 December 2023
- AEPD (Spain) - PS/00266/2019 (category Article 83(2)(e) GDPR)ONLINE S.L. with NIF B87298923, in accordance with the provisions of article 58.2.b) of the RGPD, for the alleged infringement of article 13 of the RGPD, typified28 KB (4,459 words) - 14:23, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9269629 (category Article 9 GDPR)Consequently, based on Article 83(5)(a) GDPR, the hospital was fined to pay a fine of EUR 30.000,00 for violation of Article 5(1)(f) GDPR. Corrective measures38 KB (5,724 words) - 15:47, 6 December 2023
- AEPD (Spain) - PS/00139/2020 (category Article 58(2) GDPR)alleged infringement of Article 5.1.d) of the RGPD as defined in article 83.5.a) of the aforementioned RGPD. To appoint Mr. B.B.B. as instructor and Ms.20 KB (3,086 words) - 14:04, 13 December 2023
- BAC (Bulgaria) - № 11179 (category Article 5(1)(c) GDPR)and in a transparency (b. "a"), purpose limitation (b. “b”), data minimisation (b. “c”), accuracy (b. “d”), storage limitation (b. “e”), integrity and confidentiality13 KB (1,908 words) - 13:41, 15 September 2021
- AEPD (Spain) - PS/00268/2019 (category Article 13 GDPR)TODOTECNICOS24H S.L. with NIF B86558533, in accordance with the provisions of article 58.2.b) of the RGPD, for the alleged infringement of article 13 of the RGPD, typified28 KB (4,435 words) - 14:23, 13 December 2023
- Commissioner (Cyprus) - 11.17.001.009.232 (category Article 58(2) GDPR)processed; (b) the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and17 KB (2,515 words) - 11:17, 6 February 2024
- AEPD (Spain) - EXP202102088 (category Article 83(5)(b) GDPR)of the data; c) when the treatment is based on article 6, paragraph 1, letter a), or article 9, paragraph 2, letter a), the existence of the right to withdraw26 KB (3,881 words) - 13:35, 13 December 2023
- GHAL - 200.186.790/01 (category Article 6(1)(b) GDPR)terminated, must be assessed in the light of Article 6 GDPR and not Article 10 GDPR. Article 6(1)(f) GDPR provides a sufficient basis for processing. The50 KB (8,219 words) - 12:42, 4 March 2022
- AEPD (Spain) - E/03624/2021 (category Article 9(1) GDPR) (section DPA mutual assistance under Article 61 GDPR)referred to in section 2 shall not be based on the categories personal data referred to in article 9, paragraph 1, unless Article 9(2)(a) or (g) applies and58 KB (8,665 words) - 16:10, 1 February 2022
- DSB (Austria) - 2020-0.605.768 (category Article 41(2)(c) GDPR)context of Articles 40 and 41 GDPR, in particular from Article 40 Paragraph 4 in conjunction with Article 41 Paragraph 2 lit. c) GDPR, namely further that a monitoring19 KB (2,799 words) - 13:52, 12 May 2023
- AEPD (Spain) - PS/00104/2020 (category Article 5(1)(f) GDPR)change of holder of my wife's line B.B.B. DNI ***NIF.2 tlf. ***Phone.1 to my name, A.A.A. DNI ***NIF.1 tlf. ***PHONE 2 the shop assistant made us sign a36 KB (6,022 words) - 13:59, 13 December 2023
- AEPD (Spain) - PS/00247/2020 (category Article 7 GDPR)Articles 13 GDPR and 7 GDPR respectively? To determine the amount of the penalty, the AEPD took into account three criteria in Article 83(2) GDPR: unintentional24 KB (3,893 words) - 14:22, 13 December 2023
- AEPD (Spain) - PS/00291/2019 (category Article 6(1)(a) GDPR)statute of limitations, in Article 72.1.b) of the LOPDGDD. V Article 58.2 of the GPRS, under the heading "Powers", states that: "2 Each supervisory authority33 KB (5,396 words) - 14:26, 13 December 2023
- AZOP (Croatia) - Decision 05-10-2023 (category Article 9 GDPR)in the storage systems, which is contrary to Article 32 paragraph 1 point b) and paragraph 2 of the GDPR; 2. The controller processed the personal data13 KB (1,934 words) - 20:55, 1 November 2023
- GHDHA - C/09/574422 / HA RK 19-368 (category Article 1 GDPR)obligation (Article 4:32 § 1 Wft). Therefore, Article 6(1)(c) GDPR was relevant. However, the Court highlighted that the phrase "at least on" in Article 6(1)43 KB (7,297 words) - 12:26, 4 October 2021
- ICO - Monetary Penalty on Ticketmaster UK Limited (category Article 4(2) GDPR)stored or otherwise processed. 2.9 Article 32 GDPR applies to both controllers and processors. Penalties 2.10 Article 83(1) GDPR requires supervisory authorities130 KB (21,195 words) - 13:52, 25 April 2021
- DSB (Austria) - 2020-0.191.240 (category Article 9(1) GDPR)Articles 13, 14, 18 and 21 DSGVO were excluded under Article 9(8) CESTA. Pursuant to Article 9.2(i) of the DSGVO, the defendant was entitled to lawfully66 KB (10,546 words) - 13:50, 12 May 2023
- Hoge Raad - ECLI:NL:PHR:2023:935 (category Article 5(1)(c) GDPR)another real estate agent for the sale. 2 Process flow First instance 2.1 2.2 2.3 2.4 2.5 PME summoned [plaintiff] on May 9, 2018 (see also paragraph 1.12 above)103 KB (17,620 words) - 10:13, 29 November 2023
- AEPD (Spain) - PS/00198/2020 (category Article 6(1) GDPR)of a person (article 83.2 b).-Basic personal identifiers are affected (name, a number ofidentification, the line identifier) (article 83.2 g).- Section24 KB (3,769 words) - 14:10, 13 December 2023
- Rb. Gelderland - AWB - 18 3073 (category Article 9 GDPR)conjunction with Section 99(2) of the AVG, the Wbp was repealed on 25 May and the AVG entered into force on that date. 2.2 Section 48, tenth paragraph10 KB (1,424 words) - 12:09, 9 May 2022
- AEPD (Spain) - PS/00415/2020 (category Article 5 GDPR)signifies cativa (article 83.2 b). Basic personal identifiers are affected, (name, surname, two, domicile) (according to article 83.2g). Therefore, based30 KB (4,436 words) - 14:36, 13 December 2023
- AEPD (Spain) - EXP202100282 (category Article 6(1) GDPR)of personal data of clients or third parties (article 83.2.k, of the RGPD in relation to article 76.2.b, of the LOPDGDD) It is appropriate to graduate27 KB (4,108 words) - 13:32, 13 December 2023
- data within the meaning of Article 9 of the AVG must indeed be based on Article 9.2 of the AVG, read in conjunction with Article 6.1 of the AVG. This was206 KB (30,485 words) - 09:54, 14 December 2023
- Commissioner (Cyprus) - 11.17.001.010.045 (category Article 5(1)(c) GDPR)that the article’s publication was in violation of Article 5(1)(c) GDPR, Article 6(1)(f) GDPR, when read in line with Article 85 GDPR. Article 5(1)(c) outlines74 KB (12,375 words) - 10:07, 4 October 2023
- AEPD (Spain) - PS/00430/2020 (category Article 4(11) GDPR)his/her consent. The DPA first outlined Article 6(1)(a) and (b) GDPR, Articles 4(11) GDPR on consent, as well as Article 6 of the Spanish Data Protection Law31 KB (4,738 words) - 14:39, 13 December 2023
- specified in Article 83 of the GDPR. 92. 92. Firstly, the restricted formation emphasises that, in this case, the criterion provided for in Article 83(2)(a) of73 KB (11,864 words) - 17:03, 6 December 2023
- APD/GBA (Belgium) - 154/2023 (category Article 5(1)(b) GDPR)principle (Article 5.1 b) GDPR) and the principle of minimum data processing (Article 5.1 c) GDPR). This follows from both provisions of the GDPR camera surveillance21 KB (3,034 words) - 15:30, 26 January 2024
- APD/GBA (Belgium) - 36/2021 (category Article 5(1) GDPR)approved appeal of Article 5(1)(a), Article 12(1), Article 13(1) and Article 13(2). The appeal for Article 5(1)(c), Article 6(1) and Article 8 GDPR was not approved62 KB (9,417 words) - 16:57, 12 December 2023
- AP (The Netherlands) - 24.02.2022 (category Article 13(1)(e) GDPR)personal data 9 2.1.1 Factual findings 9 2.1.2Legal assessment 9 2.2 Controller and processor(s) 10 2.2.1 Factual findings 10 2.2.2Legal assessment 12 2.3Security179 KB (22,957 words) - 17:07, 12 December 2023
- APD/GBA (Belgium) - 39/2020 (category Article 5(1)(f) GDPR)obtained from them, as required under Article 14(1)(a) AVG and Article 14(2)(c)(e) and point (f) AVG; c. article 12 j° article 14 AVG, in view of the defendant62 KB (10,509 words) - 16:58, 12 December 2023
- AEPD (Spain) - EXP202203956 (category Article 6(1) GDPR)” Regarding section k) of article 83.2 of the GDPR, the LOPDGDD, article 76, "Sanctions and corrective measures", provides: "2. In accordance with the provisions52 KB (8,323 words) - 13:17, 13 December 2023
- infringement of Article 5.1 b) in conjunction with Article 6.4. AVG, on article 5.1 a) in conjunction with article 6.1. AVG and on article 5.1 c) GDPR has been72 KB (11,208 words) - 16:51, 12 December 2023
- AEPD (Spain) - EXP202202898 (category Article 6(1) GDPR)” Regarding section k) of article 83.2 of the GDPR, the LOPDGDD, article 76, "Sanctions and corrective measures", provides: "2. In accordance with the provisions34 KB (5,358 words) - 13:16, 13 December 2023
- APD/GBA (Belgium) - 51/2023 (category Article 5(1)(b) GDPR)obligation under Article 37(7) GDPR. The DPA ordered the controller to comply with his obligations under Article 13(1)(b) GDPR and Article 37(7) GDPR and to publish18 KB (2,611 words) - 12:45, 16 June 2023
- CJEU - C-205/21 - Ministerstvo na vatreshnite raboti (category Article 9 GDPR)listed in Article 2(3) of that directive and Article 2(2) of that regulation, apply. 62 In particular, it should be noted that Article 9 of the GDPR and Article110 KB (18,000 words) - 08:01, 5 June 2023
- Court of Appeal of Brussels - 2021/AR/163 (category Article 83 GDPR)have entered into a breacha / 'article 14.1-2 combined' article 12.3, article 6, article 5.1, c) and articles 5.2 and 24.1-2 of the RGPO. It is therefore72 KB (11,389 words) - 08:59, 20 August 2021
- Garante per la protezione dei dati personali (Italy) - 9269618 (category Article 5(1)(f) GDPR)engines (see Annex 1 to note of 9 January 2019, p. 1); b) to be "aware of the dispersion of data on 12.12.2018" (see note of 9 January 2019, p. 1) and to have34 KB (4,967 words) - 15:46, 6 December 2023
- AEPD (Spain) - PS/00474/2020 (category Article 21 GDPR)subject has exercised their right to object under Article 21 GDPR. In the same way, Article 48(1)(b) of the Spanish General Telecommunications Act grants38 KB (5,945 words) - 12:14, 9 June 2021
- UODO (Poland) - DKN.5131.31.2021 (category Article 28(9) GDPR)3 and 9, art. 33 sec. 1 and art. 34 sec. 1 and 2 of Regulation 2016/679. 2) Intentional or unintentional nature of the breach (Article 83(2)(b) of Regulation105 KB (17,237 words) - 09:22, 10 May 2023
- NAIH (Hungary) - NAIH/2020/193/8 (category Article 12(2) GDPR)collected or otherwise processed; (b) the data subject withdraws his or her consent under Article 6 (1) (a) or Article 9 (2) (a) and there is no other legal58 KB (9,413 words) - 10:11, 17 November 2023
- OLG Köln - 15 U 89/19 (category Article 17(3) GDPR)only with regard to the applications under 2 a), 2 b) and 2 c) and partially with regard to the application under 2 d), so that the remainder of the regional143 KB (24,273 words) - 15:59, 10 March 2022
- AEPD (Spain) - PS/00221/2020 (category Article 14 GDPR)of the data; d) when the treatment is based on article 6, paragraph 1, letter a), or article 9, section 2, letter a), the existence of the right to withdraw29 KB (4,537 words) - 14:19, 13 December 2023
- AEPD (Spain) - PS/00436/2021 (category Article 13(2) GDPR)that, in cases of video surveillance, Article 22.4 LOPDGDD provides that the duty of disclosure in Article 12 GDPR may be fulfilled by placing a sign near20 KB (3,085 words) - 12:24, 13 December 2023
- HDPA (Greece) - 30/2020 (category Article 2(2)(c) GDPR)under Article 58(2) GDPR and impose on the respondent the responsibility to restore the fulfilment of Article 5(1)(a) GDPR and of Article 5(1)(b-f) GDPR20 KB (2,519 words) - 15:36, 6 December 2023
- APD/GBA (Belgium) - 170/2023 (category Article 24 GDPR)accordance with Article 33 GDPR to the Belgian DPA. Nonetheless, there were suspicions that the controller did not comply with Article 32 GDPR. Especially24 KB (3,525 words) - 15:29, 26 January 2024
- HDPA (Greece) - 44/2019 (category Article 5(2) GDPR)internal compliance and accountability according to Article 5(1) GDPR, Article 5(2) GDPR and Article 6(1) GDPR. Since the company had totally ignored the its127 KB (21,184 words) - 15:39, 6 December 2023
- AEPD (Spain) - PS/00180/2020 (category Article 13 GDPR)thedata; c) when the treatment is based on article 6, paragraph 1, letter a), or theArticle 9, paragraph 2, letter a), the existence of the right to withdraw38 KB (5,879 words) - 14:07, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 21FR/2021 (category Article 5(1)(c) GDPR)company was not compliant with Article 13 GDPR. The CNPD held that the controller infringed Article 5(1)(c) GDPR and Article 13 GDPR and decided to: - impose52 KB (7,520 words) - 13:13, 20 July 2021
- APD/GBA (Belgium) - 12/2019 (category Article 4(11) GDPR)of data; (d) where processing is based on point (a) of Article 6(1) or point (a) of Article 9(2), that the data subject shall have the right to withdraw107 KB (17,697 words) - 16:52, 12 December 2023
- CNIL (France) - SAN-2019-005 (category Article 32(2) GDPR)violates Article 32 GDPR. Retaining personal data of an applicant for a lease after another applicant has been selected also violates Article 5(1)(e) GDPR41 KB (6,558 words) - 17:09, 6 December 2023
- CNPD (Luxembourg) - Délibération n° 47FR/2021 (category Article 5(1)(c) GDPR)the processing is based on Article 6(1)(a) or on Article 9, (c) where the processing is based on Article 6(1)(a) or Article 9(2)(a), the existence of the69 KB (11,315 words) - 13:30, 19 January 2022
- AEPD (Spain) - PS/00093/2019 (category Article 5(1)(f) GDPR)parties (Article 83.2.k of the RGPD in relation to Article 76.2.b of the LOPDGDD) - The turnover or activity figure of the entity (article 83.2.a, of the37 KB (5,995 words) - 13:58, 13 December 2023
- AEPD (Spain) - PS/00317/2020 (category Article 13 GDPR)the lack of a privacy and cookie policy on a website infringe Article 13 GDPR and Article 22(2) LSSI? The AEPD decided to impose a fine to the clinic: € 200031 KB (4,862 words) - 14:28, 13 December 2023
- AEPD (Spain) - PS/00034/2020 (category Article 5(1)(f) GDPR)the notice board of the neighbour’s community a violation of Article 5 (1) (f) GDPR? Article 9 of Ley de Propriedad Horizontal provides that: "If a summons18 KB (2,727 words) - 13:50, 13 December 2023
- AP (The Netherlands) - 4.02.2021 (category Article 9 GDPR)The interpretation of article 13 of the Wbp is no different from that of article 32 of the GDPR, described in paragraphs 2.3.2 and 2.3.3. Also in the period57 KB (8,053 words) - 17:07, 12 December 2023
- AEPD (Spain) - PS/00433/2020 (category Article 58(2)(c) GDPR)"Regarding section k) of article 83.2 of the RGPD, the LOPDGDD, article 76," Sanctions and corrective measures", provides:"2. In accordance with the provisions23 KB (3,592 words) - 14:40, 13 December 2023
- AEPD (Spain) - PS/00095/2020 (category Article 5(1)(b) GDPR)by the alleged violation of Article 5.1(f) of the GDPR, Article 5.1(b) of the GDPR, as set out in Article 83.5 of the GDPR. FOURTH: On 10 June 2020, the15 KB (2,317 words) - 13:59, 13 December 2023
- AEPD (Spain) - PS/00461/2019 (category Article 83(2)(b) GDPR)fine on the defendant and stated he has to comply with Article 5(1)(c) and Article 83(2)(a)(b) GDPR. Share your comments here! Share blogs or news articles15 KB (2,366 words) - 14:41, 13 December 2023
- AEPD (Spain) - PS/00234/2020 (category Article 7 GDPR)AEPD concluded that the defendant could have breached Article 13 GDPR, Article 7 GDPR and Article 22(2) LSSI: there was no identification of the data controller47 KB (7,368 words) - 14:21, 13 December 2023
- APD/GBA (Belgium) - 75/2023 (category Article 12(2) GDPR)Authority. II.5.2. Established infringement of Article 5(1)(a) j° Article 6(1)(f) and Article 12(2) GDPR in conjunction with Article 17 (1) GDPR. II.5.2.1. Administrative77 KB (11,604 words) - 08:55, 29 June 2023
- AEPD (Spain) - PS/00408/2020 (category Article 6(1) GDPR)images to Instagram are: A.A.A., born 07/25/2005. B.B.B., born on 05/02/2006 C.C.C., born 11/19/2005 2. That, according to the Judicial Police, the video47 KB (7,616 words) - 14:35, 13 December 2023
- AEPD (Spain) - PS/00054/2020 (category Article 5(1)(c) GDPR)have ordered me. 2º- On January 2, 2021, I proceed to sue the company […], whose legal representatives or administrators are A.A.A. and B.B.B .. The reason37 KB (6,022 words) - 13:52, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9468523 (category Article 5(1) GDPR)e), par. 2 and par. 3, lett. b), of the GDPR; as well as art. 2-ter, paragraphs 1 and 3, of the Code (see also the provision contained in Article 15, paragraph22 KB (3,488 words) - 15:52, 6 December 2023
- AEPD (Spain) - PS/00112/2020 (category Article 13 GDPR)infringement of article 13 of the RGPD, typified in article 83.5.b) of theRGPD, a warning sanction in accordance with article 58.2.b) of theRGPD.SECOND: REQUEST29 KB (4,402 words) - 14:00, 13 December 2023
- AEPD (Spain) - PS/00385/2020 (category Article 58(2)(b) GDPR)Complainant 2.- E / 11744/2019 A.A.A. - *** NIE.1 Claimant 3.- E / 11798/2019 B.B.B. - *** NIF.1 Claimant 4.- E / 05495/2020 C.C.C. - *** NIF.2 Claimant 555 KB (8,967 words) - 14:33, 13 December 2023
- AEPD (Spain) - PS/00143/2020 (category Article 5(1)(f) GDPR)violation of Article 5.1.f) of the RGPD, typified in Article 83.5 of the RGPD. C / Jorge Juan, 6 www.aepd.es 28001 - Madrid sedeagpd.gob.es Page 2 2/6 FOURTH:17 KB (2,578 words) - 14:05, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 41FR/2021 (category Article 39(1)(b) GDPR)analyzes the criteria set by Article 83.2 of the GDPR: - As to the nature and seriousness of the violation [article 83.2 a) of the GDPR], with regard to breaches56 KB (8,326 words) - 16:57, 6 December 2023
- AEPD (Spain) - PS/00003/2020 (category Article 5(1)(c) GDPR)the complaint (Article 83 (2) (f) GDPR), not linking the activity of the offender to the processing of personal data (Article 76 (2) (b) LOPDGD), the non-existence50 KB (7,524 words) - 13:44, 13 December 2023
- DSB (Austria) - 2021-0.101.211 (category Article 9 GDPR)PCR (SARS_CoV-2) test is to be qualified as a health data pursuant to Article(4)(15) GDPR and that the scope of protection of Article 9(2) must be taken37 KB (5,745 words) - 13:53, 12 May 2023
- AEPD (Spain) - E/00113/2019 (category Article 17(1)(b) GDPR)***EMAIL.1,and (ii) the coordinator of ***LOCA-LIDAD.1 D.ª B.B.B., from the address ***EMAIL.2 (i) - Dated 04/06/2018, in which he addresses the complainant27 KB (4,497 words) - 13:38, 13 December 2023
- AEPD (Spain) - EXP202210237 (category Article 6(1)(b) GDPR)fact that the processing of the controller relied on Article (6)(1)(b) GDPR and Article 6(1)(c) GDPR as legal basis affects the holding of the DPA since32 KB (4,780 words) - 10:44, 13 December 2023
- AEPD (Spain) - PS/00132/2020 (category Article 6(1) GDPR)paragraph k) of Article 83.2 of the RGPD, the LOPDGDD, Article 76, "Sanctions and corrective measures", it provides: "In accordance with Article 83(2)(k) of Regulation24 KB (3,939 words) - 14:03, 13 December 2023
- AEPD (Spain) - PS/00079/2020 (category Article 6(1) GDPR)paragraph k) of Article 83.2 of the RGPD, the LOPDGDD, Article 76, "Sanctions and corrective measures", it provides: "In accordance with Article 83(2)(k) of Regulation20 KB (3,301 words) - 13:57, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9446659 (category Article 6(2) GDPR)the Authority judged the processing unlawful on the basis of Article 6 (1) (c) (e), (2), (3) (b). Also, the Garante found that the personal data published25 KB (3,911 words) - 15:51, 6 December 2023
- AEPD (Spain) - PS/00028/2022 (category Article 5(1)(f) GDPR)" Regarding section k) of article 83.2 of the GDPR, the LOPDGDD, article 76, "Sanctions and corrective measures", provides: "2. In accordance with the provisions58 KB (9,301 words) - 12:39, 13 December 2023
- ICO (UK) - Enforcement Notice and Warning Letter - Home Office (category Article 5(2) GDPR)accountability pursuant to Article 5(2) UK GDPR because it failed to demonstrate compliance with Article 5(1)(a) and (c) UK GDPR principles of lawfulness129 KB (17,281 words) - 14:57, 10 April 2024
- AEPD (Spain) - EXP202204492 (category Article 6(1) GDPR)2 of the GDPR, and with the provisions of article 76 of the LOPDGDD, with respect to section k) of the aforementioned article 83.2 GDPR. Article 83.2 of26 KB (3,867 words) - 10:44, 13 December 2023
- HDPA (Greece) - 55/2021 (category Article 33 GDPR)measures to security of processing, in accordance with Article 32 GDPR, in connection with Article 24 GDPR, as the controller did not take into account the risks65 KB (10,533 words) - 10:28, 27 January 2022
- AEPD (Spain) - PS/00057/2020 (category Article 7 GDPR)ESLORA PROJECTOS,SL, with CIF: B95608196 owner of the web pages: *** URL.1 , *** URL.2 and *** URL.3 ,for violation of article 22.2) of the LSSI, punishable31 KB (4,757 words) - 13:52, 13 December 2023
- AEPD (Spain) - PS/00280/2022 (category Article 5(1)(f) GDPR)following criteria established by article 83.2 of the RGPD, considering as aggravating circumstance according to article 76.2 b) LOPDGDD, the relationship of30 KB (4,551 words) - 11:51, 9 February 2023
- AEPD (Spain) - PS/00168/2020 (category Article 6(1) GDPR)significant (article 83.2 b). - Basic personal identifiers (name, an identification number, the line identifier) are affected (article 83.2 g). - Any previously22 KB (3,568 words) - 14:06, 13 December 2023
- NAIH (Hungary) - NAIH/2020/2729/15 (category Article 5(1)(b) GDPR)portability concerned the right to (c) information based on Article 6 (1) (a) or Article 9 (2) (a); in the case of data processing, the right to withdraw58 KB (9,071 words) - 10:12, 17 November 2023
- APD/GBA (Belgium) - 24/2021 (category Article 35(2) GDPR)fairness and transparency (Article 5.1 a) GDPR), purpose limitation (Article 5.1 b) GDPR) and minimum data processing (Article 5.1 c) GDPR); 4) the legal basis110 KB (18,238 words) - 16:56, 12 December 2023
- NAIH (Hungary) - NAIH/2020/3479 (category Article 5(1)(d) GDPR)Infotv. Pursuant to Section 60 (2): “For the initiation of data protection authority proceedings Article 77 (1) and Article 22 (b) of the General Data Protection30 KB (4,563 words) - 10:12, 17 November 2023
- AEPD (Spain) - PS/00023/2020 (category Article 58(2)(b) GDPR)including the conditions for consent under articles 5, 6, 7 and 9; [...]. However, Article 58(2)(b) of the same legal text provides for the possibility of to21 KB (3,298 words) - 13:46, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9860461 (category Article 9 GDPR)privacy. Health data are special categories of data covered by Article 9 GDPR. According to Article 137 of the Italian Data Protection Code, health data can16 KB (2,409 words) - 15:44, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9860487 (category Article 9 GDPR)right to privacy. Health data are sensitive data covered by Article 9 GDPR. According to Article 137 of the Italian Data Protection Code, health data can16 KB (2,352 words) - 15:44, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9860513 (category Article 9 GDPR)right to privacy. Health data are sensitive data covered by Article 9 GDPR. According to Article 137 of the Italian Data Protection Code, health data can16 KB (2,324 words) - 15:45, 6 December 2023
- AEPD (Spain) - PS/00065/2020 (category Article 13 GDPR)is based on Article 6(1)(a) or Article 9(2)(a) or Article 9(2)(b); or (c) where the processing is based on Article 6(1)(a) or Article 9(2)(a), the existence61 KB (9,973 words) - 13:55, 13 December 2023
- HDPA (Greece) - 25/2022 (category Article 5(2) GDPR)prove the lawfulness of processing according to Article 6(1)(b) GDPR and for violating Article 12(2) GDPR by creating undue barriers to the exercise of the48 KB (7,803 words) - 13:29, 11 October 2022
- AEPD (Spain) - PS/00249/2020 (category Article 5(1)(b) GDPR)negligent action (Article 83(2)(b) GDPR) and that basic identifiers such as name, surname, and address are affected (Article 83(2)(g) GDPR), including also20 KB (3,097 words) - 14:22, 13 December 2023
- Commissioner (Cyprus) - 17.05.23 (category Article 5(1)(c) GDPR)of the measures referred to points (a) to (h) of Article 58(2) and Article 58(2)(a) to (h) paragraph 2(j). When deciding on the imposition of administrative31 KB (4,973 words) - 16:50, 6 December 2023
- Datatilsynet (Denmark) - 2019-431-0018 (category Article 5(1)(b) GDPR)legitimate and explicit purpose. Therefore, it was contrary to Article 5(1)(b) GDPR and Article 6 GDPR. In addition, the DPA found that the controller did not18 KB (2,667 words) - 16:29, 6 December 2023
- AEPD (Spain) - PS/00247/2019 (category Article 32(2) GDPR)managed for, as this is the business of the company (Article 83.2.k of the RGPD in relation to Article 76.2.b of the LOPDGDD) The following circumstances would39 KB (6,720 words) - 14:22, 13 December 2023
- Rb. Rotterdam - 9436020 \ CV EXPL 21-30289 (category Article 4(2) GDPR)data is a form of processing as referred to in the GDPR (article 4 sub 2 GDPR). Article 6 of the GDPR provides that the processing of personal data is only19 KB (2,828 words) - 10:09, 18 March 2022
- NAIH (Hungary) - NAIH/2020/32/4 (category Article 5(1) GDPR)obligor.[Article 83(2)(b) GDPR] - The obligor has not yet been convicted for violating the General Data Protection Regulation.[Article 83(2)(e) GDPR] - The75 KB (12,586 words) - 10:10, 17 November 2023
- AEPD (Spain) - PS/00010/2020 (category Article 83(2)(b) GDPR)regard to article 83.2 (k) of the RGPD, the LOPDGDD, article 76, "Sanctions and corrective measures", provides: "2. In accordance with Article 83(2)(k) of22 KB (3,523 words) - 13:45, 13 December 2023
- CNPD (Luxembourg) - Délibération n°37FR/2021 (category Article 37(7) GDPR)Officer (DPO) under Section 4 of Chapter 4 of the GDPR (see in particular Article 37 GDPR to Article 39 GDPR). One of these audit proceedings concerned a Luxembourg26 KB (3,862 words) - 17:41, 25 June 2022
- AEPD (Spain) - PS/00315/2020 (category Article 28 GDPR)es 11/20 RGPD, and article 74.k) of the LOPDGDD, a fine of 100,000 euros, of in accordance with article 83.2.a) of the RGPD and 76.2.b) of the LOPDGDD.)62 KB (10,401 words) - 14:35, 21 November 2023
- AEPD (Spain) - PS/00070/2020 (category Article 58(2)(b) GDPR)of warning to B.B.B., with NIF *** NIF.1, for an infringement of article 5.1.a) of the RGPD, as determined by articles 83.5 a) and 58.2.b) of the RGPD.43 KB (7,001 words) - 13:56, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 310/161/23 (category Article 83(6) GDPR)accordance with Article 58, paragraph 2, subparagraph b of the General Data Protection Regulation, and an order pursuant to Article 58, paragraph 2, subparagraph71 KB (11,552 words) - 13:40, 12 January 2024
- CNIL (France) - SAN-2020-009 (category Article 5(1)(a) GDPR)of a link to this information. This was a violation of Article 12. Based on Article 13(2)(a) GDPR and WP29 guidelines on transparency, the CNIL noted that48 KB (7,404 words) - 17:09, 6 December 2023
- NAIH (Hungary) - NAIH/2020/6484 (category Article 15(1)(a) GDPR)" Under Article 83 (2), (5) and (7) of the General Data Protection Regulation: administrative fines in accordance with Article 58 (2) (a) to (b), depending27 KB (4,159 words) - 10:13, 17 November 2023
- AEPD (Spain) - PS/00151/2020 (category Article 5(1)(c) GDPR)specified period - article 58. 2 d) -. According to the provisions of article 83.2 of the RGPD, the measure provided for in article 58.2 d) of the aforementioned28 KB (4,525 words) - 14:06, 13 December 2023
- AEPD (Spain) - PS/00279/2020 (category Article 6 GDPR)for the violation of Article 6 GDPR and € 4 000 for the violation of article 13, under the power conferred by Article 83(5) GDPR. Share your comments here21 KB (3,123 words) - 14:25, 13 December 2023
- AEPD (Spain) - PS/00025/2019 (category Article 58(2)(d) GDPR)third parties (article 83.2.k, of the RGPD in relationwith article 76.2.b, of the LOPDGDD)SAWIn accordance with articles 58.2 and 83.2 of the RGPD, previously88 KB (14,301 words) - 13:48, 13 December 2023
- BVwG - W211 2230221-1 (category Article 15(1)(c) GDPR)right to information according to Art 15 GDPR, especially since it can be derived from recitals 9 and 10 of the GDPR that the European legislator is reducing19 KB (2,825 words) - 09:42, 26 November 2021
- OLG Köln - 15 U 126/19 (category Article 17(1)(d) GDPR)relief only with regard to the motions under 2 a) and 2 b) and partially with regard to the motion under 2 d), so that the rest of the regional court decision121 KB (20,412 words) - 15:58, 10 March 2022
- APD/GBA (Belgium) - 48/2021 (category Article 5(1)(a) GDPR)(listed in Article 57 of the GDPR) including that of dealing with complaints (article 57.1.f) of the GDPR) as well as a number of powers (article 58 of the43 KB (6,670 words) - 16:58, 12 December 2023
- [The equivalent GDPR Article to Article 48(3)(a) EU GDPR is Article 46(3)(a) GDPR, and Article 50(1)(d) EU GDPR is Article 49(1)(d) GDPR.] Share blogs or73 KB (9,347 words) - 13:28, 26 July 2023
- UODO (Poland) - DKN.5112.7.2020 (category Article 58(2)(b) GDPR)and Article 60 of the Act of 10 May 2018 on the protection of personal data (Journal of Laws of 2019, item 1781) and pursuant to Article 58(2)(b) in connection29 KB (4,687 words) - 09:56, 17 November 2023
- AEPD (Spain) - PS/00235/2020 (category Article 6(1) GDPR)carried out by the claimed (article 83.2. a) of the RGPD). - The intentionality or negligence of the infringement (article 83.2. B) of the RGPD). - Basic personal24 KB (3,766 words) - 14:21, 13 December 2023
- DSB (Austria) - D550.038/0003-DSB/2018 (category Article 5(1)(a) GDPR)conjunction with Article 62 (1) 4 DSG and for the period prior to 25 May 2018 against Article 52 Paragraph 2 no. 7 in conjunction with § 50b par. 2 DSG 2000.31 KB (5,161 words) - 14:02, 12 May 2023
- HDPA (Greece) - 3/2020 (category Article 15 GDPR)particularly difficult. 9. In view of the above findings, the Authority considers, by unanimity, that the controller referred to in Article 21 (1) (b) of Law 2472/199719 KB (3,034 words) - 15:33, 6 December 2023
- AEPD (Spain) - EXP202306257 (category Article 44 GDPR)EDREAMS, S.L. was ordered for a violation of the Article 44 of the GDPR, typified in Article 83.5 of the GDPR, adapt the activity of data processing carried83 KB (12,999 words) - 15:30, 6 March 2024
- AEPD (Spain) - PS/00332/2020 (category Article 7 GDPR)The Spanish DPA (AEPD) fined Borjamotor, S.A. for infringing Article 7 GDPR and Article Article 21(1) of the Spanish Law on Information Society Services (LSSI)45 KB (6,853 words) - 14:29, 13 December 2023
- AEPD (Spain) - PS/00406/2020 (category Article 6(1)(f) GDPR)significant (article 83.2 b). - The duration of the illegitimate treatment of the data of the affected party carried out by the claimed (article 83.2 d). That36 KB (5,582 words) - 14:35, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9445180 (category Article 5(1)(a) GDPR)private and professional spheres, to be applicable (see Article 2 and Article 41, paragraph 2, Cost). Niemietz c. Allemagne, 16.12.1992 (Rec. no. 13710/88)34 KB (5,414 words) - 15:50, 6 December 2023
- AEPD (Spain) - EXP202305050 (category Article 58(1) GDPR)by Article 83(2)(b) GDPR, and also the link between the company's activity and the processing of personal data, as provided for by Article 76(2)(b) GDPR57 KB (9,217 words) - 10:44, 13 December 2023
- DSB (Austria) - 2020-0.111.488 (category Article 9(2) GDPR)publication of their data under Article 9(2)(a) GDPR and there was no other legal basis for the processing under Article 9(2) GDPR. Consequently, the DSB issued8 KB (1,048 words) - 13:50, 12 May 2023
- CNPD (Luxembourg) - Délibération n° 18/FR/2022 (category Article 5(1)(b) GDPR)investigation regarding the violation of Article 15(1)(b) and (c). In accordance with Article 58(2) and Article 83(2), the DPA fined Company A €1,500. Since76 KB (11,147 words) - 16:58, 6 December 2023
- AEPD (Spain) - PS/00423/2019 (category Article 13 GDPR)section of Investigated Entities. It also provides other data:Name: B.B.B.Surname: B.B.B.Address: ***ADDRESS.1Contact e-mail: ***EMAIL.1Contact telephone:23 KB (3,636 words) - 14:38, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9542155 (category Article 5(2) GDPR)Authority of Bologna for violation of Articles 5(2)(f) and 9 GDPR. On the basis of Articles 58(2)(i) and 83 GDPR, the Garante imposed a fine of € 18 000 on the26 KB (4,162 words) - 15:54, 6 December 2023
- Garante per la protezione dei dati personali (Italy) - 9795350 (category Article 5(1)(a) GDPR)required by Article 12 GDPR. The DPA clarified that the right of information and the right of access are distinct. An access request under Article 15 GDPR is not90 KB (14,651 words) - 08:07, 5 September 2022
- DSB (Austria) - D122.844/0006-DSB/2018 (category Article 12(5) GDPR)under Article 15 GDPR and demanded free access to the historic bank transaction data. The bank argued that this would be a misuse of Article 15 GDPR and19 KB (2,936 words) - 13:55, 12 May 2023
- AEPD (Spain) - PS/00274/2020 (category Article 21 GDPR)IMPOSE RAISE MARKETING, SL, with NIF B67543355, for a violation of Article 48.1.b) of the LGT, typified in Article 78.11 of the LGT (minor offense), a fine16 KB (2,544 words) - 14:25, 13 December 2023
- AEPD (Spain) - PS/00379/2019 (category Article 6 GDPR)to Article 83(2)(k) of the RGPD, the LOPDGDD, in its Article 76, "Penalties and corrective measures", states that: "In accordance with Article 83(2)(k)26 KB (4,235 words) - 14:33, 13 December 2023
- UODO (Poland) - ZSPR.421.3.2018 (category Article 14 GDPR)portability; (d) where processing is based on point (a) of Article 6(1) or point (a) of Article 9(2), the existence of the right to withdraw consent at any52 KB (8,444 words) - 10:01, 17 November 2023
- AEPD (Spain) - PS/00058/2020 (category Article 5(1)(f) GDPR)significant negligent action (article 83.2 b). Basic personal identifiers are affected, according to the article 83.2g). Therefore, in accordance with28 KB (4,619 words) - 13:53, 13 December 2023
- DSB (Austria) - D130.206/0006-DSB/2019 (category Article 3(2)(a) GDPR)in line with Article 13 GDPR. On the DSB's request, the controller declared R*** Hotels GmbH as its representative under Article 27 GDPR and sent a reply40 KB (6,007 words) - 13:59, 12 May 2023
- AEPD (Spain) - PS/00059/2020 (category Article 28 GDPR)violation of article 21 of the LSSICE, classified as serious in article 38.3.d) and c) of said rule, for the alleged infringement of article 48.1.b) of the287 KB (48,336 words) - 13:53, 13 December 2023
- DSB (Austria) - D123.768/0004-DSB/2019 (category Article 85(2) GDPR)para 11 CFR Art11 para 1 ECHR Art10 para 1 GDPR Art4 no 2 GDPR Art4 no 7 GDPR Art85 para 1 GDPR Art85 para 2 Text GZ: DSB-D123.768/0004-DSB/2019 of 18.1229 KB (4,637 words) - 13:57, 12 May 2023
- HDPA (Greece) - 53/2022 (category Article 6(1)(b) GDPR)violation of article 13 of Regulation (EU) 2016/679, in accordance with article 58 par. 2 i' of the GDPR in combination with article 83 par. 5 of the GDPR. The50 KB (8,004 words) - 04:49, 14 December 2022
- CNPD (Portugal) - Deliberação 2022/140 (category Article 13(2) GDPR)violated the provisions of this Regulation" (Article 58.2.b)) and to "impose a fine under Article 83" (Article 58.2.b)).The Commission will be able to impose75 KB (12,306 words) - 10:02, 21 December 2022
- Datatilsynet (Norway) - 18/02579 (category Article 5(2) GDPR)subsequent violations of Article 32(1)(b) GDPR and Article 32(1)(d) GDPR and of the principle of accountability as foreseen in Article 5(2) GDPR read in conjunction41 KB (6,337 words) - 18:52, 5 March 2022
- AEPD (Spain) - PS/00183/2022 (category Article 5(1)(d) GDPR)defendant and the processing of personal data (article 83.2.k, of the RGPD in relation to article 76.2.b, of the LOPDGDD) The activity of the defendant63 KB (10,203 words) - 13:01, 13 December 2023
- Datatilsynet (Norway) - 20/01516 (category Article 32(1)(b) GDPR)2000 and the Personal Data Regulations 2000 applied. Regulations §§ 2-6, 2-11, 2-13 and 2-14 regulated such matters as the case concerns. The relevant conditions26 KB (3,885 words) - 08:43, 7 May 2022
- AEPD (Spain) - PS/00227/2020 (category Article 6(1) GDPR)Articles 6 and 13 GDPR? The AEPD decided to impose, for infringement of Article 6 GDPR, a fine of € 10000 and, for infringement of Article 13 GDPR, a fine of46 KB (7,230 words) - 14:20, 13 December 2023
- AEPD (Spain) - EXP202205820 (category Article 6 GDPR)according to article 4.1 of the GDPR, are a Personal data and its protection, therefore, is the subject of said Regulation. In the article 4.2 of the GDPR defines61 KB (9,700 words) - 13:21, 13 December 2023
- EWHC (UK)- QB- Soriano v Forensic News LLC (category Article 3(2) GDPR)conferred by article 79(2) of the GDPR. This is the relevant provision for the purposes of para 3.1(20) of CPR Practice Direction 3B. Article 79(2) provides:108 KB (18,178 words) - 11:57, 29 November 2021
- AEPD (Spain) - TD/00109/2020 (category Article 15 GDPR)treated; (b) the data subject withdraws the consent on the basis of which the processing of in accordance with Article 6(1)(a) or Article 9(2)(a) a), and19 KB (3,100 words) - 14:50, 13 December 2023
- AEPD (Spain) - PS/00006/2022 (category Article 12 GDPR)violation of the Article 12 of the GDPR, in conjunction with Article 17 of the GDPR. V Classification of the infringement of article 12 of the GDPR The aforementioned54 KB (8,870 words) - 10:43, 13 December 2023
- AEPD (Spain) - PS/00365/2019 (category Article 31 GDPR)infringement of Article 31 GDPR in conjunction with Article 58(1)(e) GDPR. The AEPD, therefore, agreed to impose a penalty of € 20000 under Article 83(5)(e) GDPR86 KB (14,295 words) - 14:32, 13 December 2023
- AEPD (Spain) - PS/00320/2020 (category Article 58(2)(i) GDPR)described violates article 6.1. of the RGPD and is subsumable in the sanctioning type of the article 83.5.a, of the RGPD. IV Article 72.1.b) of the LOPDGDD18 KB (2,736 words) - 14:28, 13 December 2023
- OLG Hamm - 7 U 19/23 (category Article 82 GDPR)contract (Article 6(1)(b) GDPR), nor could be based on legitimate interest of the controller (Article 6(1)(f) GDPR). Consent (Article 6(1)(a) GDPR) could130 KB (21,874 words) - 09:43, 15 February 2024
- AEPD (Spain) - PS/00152/2020 (category Article 58(2)(b) GDPR)Subject: IRREVOCABLE DIMITION A.A.A. AND B.B.B. OF FOUNDATION SYNDROME 5P To: A.A.A. < ***EMAIL.1> , AA B.B.B. ***EMAIL.2 • The Foundation has written to the27 KB (4,243 words) - 14:06, 13 December 2023
- HDPA (Greece) - 47/2022 (category Article 28(3) GDPR)data subject (Article 26 GDPR). The processing by the processor must, in accordance with the provisions of article 28 paragraph 3 of the GDPR, be governed25 KB (3,943 words) - 14:32, 28 September 2022
- VGH München – 5 CS 19.2087 (category Article 4(1) GDPR)No. 1, No. 2, Art. 6 para. 1 sentence 1 lit. c, para. 3 sentence 1, Art. 86 GKG § 47 (1), § 52 (2), § 53 (2) no. 2, § 63 (3) sentence 1 no. 2, § 66 (3)40 KB (6,397 words) - 08:03, 21 March 2022
- Rb. Overijssel - AK 20 1535 (category Article 17(3)(b) GDPR)assistance under Article 2.3 of the Youth Act and that deletion would violate the Archives Act (Archiefwet) and Article 17(3)(b) GDPR. The mother objected23 KB (3,225 words) - 11:52, 4 October 2021
- HDPA (Greece) - 29/2023 (category Article 5(1)(c) GDPR)15(1)(a)-(h) GDPR. For these reasons, under Article 58 GDPR, the HDPA reprimanded the controller for violating Article 5(1)(c) GDPR and Article 15 GDPR. In addition21 KB (3,334 words) - 09:12, 25 October 2023
- Commissioner (Cyprus) - 11.17.001.008.222 (category Article 12(3) GDPR)Based information provided and the authority granted by Article 58 and 83 GDPR, as well as Article 24(b) of National Law 125(I)/2018, the DPA came to the following16 KB (2,438 words) - 09:07, 9 June 2023
- AEPD (Spain) - PS/00113/2019 (category Article 58(2)(b) GDPR)the defendant for an infringement of Article 5(1)(a) GDPR a warning penalty in accordance with Article 58(2)(b) GDPR. Share your comments here! Share blogs23 KB (3,836 words) - 14:01, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 6FR/2023 (category Article 31 GDPR)4(7) GDPR, and Company A was the processor for the purposes of Article 4(8) GDPR. The DPA found that both Companies A and B had breached Article 31 GDPR and55 KB (9,079 words) - 16:57, 6 December 2023
- AEPD (Spain) - EXP202206825 (category Article 6(1) GDPR)to B.B.B.. C/ Jorge Juan, 6 www.aepd.es 28001 – Madrid sedeagpd.gob.es 10/11 THIRD: ORDER to B.B.B., with NIF ***NIF.1, which by virtue of article 58.231 KB (4,864 words) - 13:27, 13 December 2023
- AEPD (Spain) - PS/00215/2020 (category Article 5(1)(c) GDPR)to"Process third party data" (art. 83.2 a) RGPD).- the intentionality or negligence in the infringement (art. 83.2 b) RGPD).For all these reasons, it is18 KB (2,721 words) - 14:11, 13 December 2023
- AEPD (Spain) - EXP202315744 (category Article 17 GDPR)otherwise treated; b) the interested party withdraws the consent on which the treatment is based in accordance with Article 6(1)(a) or Article 9(2)(a) and this20 KB (3,052 words) - 08:17, 16 April 2024
- AEPD (Spain) - PS/00473/2019 (category Article 5 GDPR)infractions of article 48 of Law 9/2014, of May 9, General Telecommunications (hereinafter LGT), in accordance with the provisions of the article 84.3 of the35 KB (5,635 words) - 14:41, 13 December 2023
- AEPD (Spain) - PS/00188/2020 (category Article 5(1)(f) GDPR)regard to Article 83.2(k) of the RGPD, the LOPDGDD, in its Article 76, "Sanctions and remedial measures", provides that "In accordance with Article 83(2)(k)24 KB (3,907 words) - 14:08, 13 December 2023
- AEPD (Spain) - PS/00182/2020 (category Article 6(1) GDPR)parties (article 83.2.k, of the RGPD in relation to article 76.2.b, of the LOPDGDD). The balance of the circumstances contemplated in article 83.2 of the21 KB (3,154 words) - 14:07, 13 December 2023
- AEPD (Spain) - PS/00200/2020 (category Article 83(2)(b) GDPR)negligent action (Article 83(2)(b) GDPR), and for being data known as basic personal identifiers such as name and address (Article 83(2)(g) GDPR). The AEPD set30 KB (4,833 words) - 14:10, 13 December 2023
- APD/GBA (Belgium) - 73/2020 (category Article 5 GDPR)accordance with article 15 AVG (section 2.1) - data processing officer (section 2.2) - cookie policy (section 2.3) - health data processing (section 2.4) - camera93 KB (14,040 words) - 17:00, 12 December 2023
- HDPA (Greece) - 35/2023 (category Article 4(12) GDPR)according to article 5 par. 1 a) and f) GDPR. B. It imposes, on ALFA BANK S.A., as controller, based on article 58 par. 2 sec. i) of the GDPR, an administrative52 KB (8,460 words) - 10:54, 10 January 2024
- AEPD (Spain) - TD/00185/2019 (category Article 17 GDPR)processed; b) the data subject withdraws the consent on the basis of which the processing was carried out in accordance with Article 6(1)(a) or Article 9(2)(a)17 KB (2,620 words) - 14:51, 13 December 2023
- BVwG (Austria) - W211 2268942-1 (category Article 55(3) GDPR)standard B-VG Art 130 Paragraph 2a B-VG Art 133 Paragraph 4 B-VG Art87 Paragraph 2 BVwGG §24a BVwGG §3 GDPR Art55 Paragraph 3 GOG §84 GOG §85 B-VG Art.75 KB (12,118 words) - 15:46, 14 February 2024
- AEPD (Spain) - PS/00132/2022 (category Article 6(1) GDPR)(c) where the processing is based on Article 6(1)(a) or Article 6(1)(b) or Article 6(1)(c) of the GDPR Article 9(2)(a), the existence of the right to withdraw52 KB (8,416 words) - 12:59, 13 December 2023
- AEPD (Spain) - PS/00075/2020 (category Article 83(5)(b) GDPR)relation to Article 83.2(k) of the RGPD, the LOPDGDD, in its Article 76, "Sanctions and remedial measures", provides that "In accordance with Article 83(2)(k)31 KB (4,909 words) - 13:56, 13 December 2023
- Personvernnemnda (Norway) - 2021-05 (20/02912) (category Article 17(1)(c) GDPR)emphasised: None of the personal data concerned information covered by Article 9 or 10 GDPR. The data subject was interviewed as part of his role in the business26 KB (4,299 words) - 18:49, 5 March 2022
- Datatilsynet (Norway) - 20/02274 (category Article 5(2) GDPR)fundamental principles of the GDPR, notably Article 5(1)(a) and (e) GDPR. The DPA found violations of various provisions of the GDPR. It held that the controller47 KB (7,661 words) - 18:54, 5 March 2022
- NAIH (Hungary) - NAIH/2020/34/3 (category Article 12(2) GDPR)Protection Regulation (Article 83 (2) (e) of the General Data Protection Regulation). circumstances within the meaning of Article 2 (2) (b), (f), (g), (h), (i)48 KB (7,727 words) - 10:11, 17 November 2023
- LG Bonn - 29 OWi 1/20 (category Article 32(2) GDPR)the criteria in Article 83 (2) sentence 2 GDPR. In this case, the fact-based assessment criteria in Article 83 (2) sentence 2 of the GDPR take precedence58 KB (9,577 words) - 08:06, 16 September 2021
- AEPD (Spain) - EXP202105693 (category Article 83(2) GDPR)the conduct object of this claim is undeniable (article 76.2.b) of the LOPDGDD in relation to article 83.2.k). - Although it cannot be argued that the defendant49 KB (7,579 words) - 13:15, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9445567 (category Article 5(1)(a) GDPR)circumstances of the specific case (Article 58, paragraph 2, letter i) of the Regulation). 4. Injunction order. Pursuant to art. 58, par. 2, lett. i) of the Regulations16 KB (2,471 words) - 15:51, 6 December 2023
- AEPD (Spain) - PS/00004/2020 (category Article 5(1)(c) GDPR)Juan, 6www.aepd.es28001 - Madridsedeagpd.gob.es Page 9 9/9In accordance with the provisions of article 50 of the LOPDGDD, thisResolution will be made public18 KB (2,798 words) - 13:44, 13 December 2023
- Datatilsynet (Norway) - 20/01626 (category Article 5(1)(a) GDPR)processing as per Article 5(1)(b), nor legal grounds as per Article 6. In sum, the DPA found that NIF had breached Article 5(1)(a), (c) and (f), Article 6, and Article50 KB (8,081 words) - 18:52, 5 March 2022
- LAG Mecklenburg-Western Pomerania - 5 Sa 108/19 (category Article 37 GDPR)2019, GDPR Art. 37, para. 1; Döpfler , EU-GDPR and BDSG, 2nd edition 2020, GDPR Art. 37, marginal 1; Paal / Pauly, DS-GVO BDSG, 2nd ed. 2018, GDPR Art.48 KB (7,320 words) - 12:44, 4 October 2021
- AEPD (Spain) - EXP202211953 (category Article 5(1)(a) GDPR)graduation established in section 2 of the aforementioned article. 2. In accordance with the provisions of article 83.2.k) of the Regulation (EU) 2016/67985 KB (13,042 words) - 12:42, 13 December 2023
- AKI (Estonia) - 2.1.-3/20/4479 (category Article 5(1)(c) GDPR)representation does not replace Article 9 (2) (a) and (c) consent of the data subject in accordance with Article 7. Article 7 (1) of the ECHR provides that28 KB (4,474 words) - 10:31, 13 December 2023
- Persónuvernd (Island) - 2022020363 (category Article 58(2)(d) GDPR)administrative fine in the amount of 2,000,000 ISK on the controller under Article 83(2)(a) GDPR and Article 83(2)(g) GDPR. This is just one of five decisions142 KB (22,881 words) - 12:42, 16 January 2024
- AEPD (Spain) - EXP202203914 (category Article 6(1) GDPR)of personal data of clients or third parties (article 83.2.k, of the GDPR in relation to article 76.2.b, of the LOPDGDD). The Judgment of the National37 KB (5,914 words) - 10:42, 13 December 2023
- NAIH (Hungary) - NAIH-373-31/2023 (category Article 5(1)(b) GDPR)this regard [GDPR Article 14 (2) b) ]. (iv) The prospectus did not provide any information regarding data subject rights [GDPR Article 14 (2) c)]. In the140 KB (23,189 words) - 08:25, 20 February 2024
- CNIL (France) - SAN-2023-016 (category Article 5(1)(b) GDPR)breached Article 5(1)(b) GDPR. Therefore, the DPA handed down a 'call to order' against the joint controllers for breaching Article 5(1)(b) GDPR, and no27 KB (4,166 words) - 17:06, 6 December 2023
- LG Köln - 28 O 138/22 (category Article 82 GDPR)Sections 1004 analogously, Section 823 (1) and (2) BGB in conjunction with Article 6 (1) GDPR and Article 17 GDPR. Claims under data protection law could be39 KB (6,362 words) - 14:01, 22 June 2023
- UODO (Poland) - ZSPR.421.19.2019 (category Article 31 GDPR)with Article 31, Article 58(1)(e) and (f) in connection with Article 83(1-3) and Article 83(5)(e) of Regulation 2016/679 of the European Parliament and of29 KB (4,698 words) - 10:02, 17 November 2023
- AEPD (Spain) - EXP202206302 (category Article 6 GDPR)event of a violation of the precepts of the RGPD. Article 58.2 of the GDPR provides the following: “2 Each supervisory authority will have all of the following28 KB (4,608 words) - 13:27, 13 December 2023
- APD/GBA (Belgium) - 54/2021 (category Article 4 GDPR) (section The notion of processing of personal data within the meaning of Article 4 GDPR)is maintained under Article 6.1 b) to f) of the GDPR and therefore in Article 6.1.c) invoked in the species. Article 6.1 of the GDPR in fact reproduces73 KB (11,238 words) - 16:59, 12 December 2023
- AEPD (Spain) - EXP202105333 (category Article 6(1) GDPR)information”, article 83.2 f) of the GDPR. (IV) "The non-existence of benefits obtained through the infringement", article 83.2 k) of the GDPR and 76.2 c) of the49 KB (7,973 words) - 13:25, 13 December 2023
- BVerfG - 1 BvR 276/17 (category Article 17 GDPR)violation of the general right of personality under Article 1.1, Article 2.1 of the Basic Law (Article 7, Article 8 of the Basic Law) was to be taken into account127 KB (21,367 words) - 16:00, 22 March 2022
- AEPD (Spain) - PS/00448/2020 (category Article 5(1)(f) GDPR)complainant, Article 83(2)(h) GDPR - The existence of a prior complaint. Aggravating factors in accordance with Article 72(2)(a) & (b) LOPDGDD and Article 83(2)(k)45 KB (7,217 words) - 14:40, 13 December 2023
- GHAL - 200.256.426 (category Article 4(2) GDPR)on legitimate interests according to Article 6(1)(f) GDPR and that Ziggo had to comply with Article 6(4)(d) GDPR. The Court found that DFW had a legitimate40 KB (6,777 words) - 16:28, 15 March 2022
- APD/GBA (Belgium) - 10/2019 (category Article 5(1)(b) GDPR)been taken up in Article 5(1)(b) of the GDPR under the Principles relating to the processing of personal data (Chapter II). Article 5(1)(b) of the RGPD thus32 KB (5,190 words) - 16:51, 12 December 2023
- AEPD (Spain) - PS/00155/2021 (category Article 58(1) GDPR)establishes article 83.2 of the RGPD, and with the provisions of article 76 of the LOPDGDD, regarding section k) of the aforementioned article 83.2 RGPD. In20 KB (2,992 words) - 13:30, 13 December 2023