Search results
From GDPRhub
- AEPD (Spain) - EXP202102088 (category Article 83(5)(b) GDPR)claimed party, for the alleged infringement of article 13 of the RGPD, typified in article 83.5 of the GDPR. FIFTH: After the period granted for the formulation26 KB (3,881 words) - 13:35, 13 December 2023
- AEPD (Spain) - PS/00273/2019 (category Article 5(1)(c) GDPR)against the respondent, by the alleged violation of Article 5.1(c) of the GPRS, as defined in Article 83.5 of the RGPD. In view of all that has been done,16 KB (2,359 words) - 14:24, 13 December 2023
- AEPD (Spain) - PS/00082/2020 (category Article 5(1)(c) GDPR)procedure to the claimed, by thealleged violation of Article 5.1.c) of the RGPD, typified in Article 83.5 of theRGPD.FIFTH: On 06/22/20, this Agency received18 KB (2,749 words) - 13:57, 13 December 2023
- AEPD (Spain) - PS/00389/2019 (category Article 5 GDPR)of which are typified in article 83.4.a). V The violation of articles 32, 33 and 34 of the RGPD are criminalized in Article 83.4(a) of the said GPRS in the31 KB (4,819 words) - 14:34, 13 December 2023
- AEPD (Spain) - PS/00189/2020 (category Article 58(2) GDPR)allegations. On March 26, 2019, in accordance with article 65.4 of the Organic Law 3/2018, of December 5, Protection of Personal Data and guarantee of digital22 KB (3,343 words) - 14:08, 13 December 2023
- Court of Appeal of Brussels - 2022/AR/556 (category Article 5(1)(b) GDPR)provisions of the GDPR relating to the principles of data protection (article 5 of the GDPR) and the lawfulness of processing (article 6 of the GDPR). An infringement83 KB (13,694 words) - 09:53, 14 December 2023
- AEPD (Spain) - PS/00245/2019 (category Article 5(1)(a) GDPR)Articles 5(1)(a) GDPR and 13 GDPR. On the other hand, they disagreed with the infringement of Article 5(1)(a) GDPR in relation to Article 9(1) GDPR with regard116 KB (18,941 words) - 14:21, 13 December 2023
- OLG Köln - 15 U 89/19 (category Article 17(3) GDPR)under Article 17(3) GDPR. Two doctors sued a platform for deletion of their basic profile set up on the platform without their consent under Article 17 GDPR143 KB (24,273 words) - 15:59, 10 March 2022
- AEPD (Spain) - PS/00278/2020 (category Article 5(1)(a) GDPR)images, in violation of Article 5(1)(a) GDPR? The Spanish DPA (AEPD) found that the defendant's conduct violated Article 5(1)(a) GDPR, as a broader principle28 KB (4,592 words) - 14:25, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9446730 (category Article 5(1)(e) GDPR)has a date (21.5.2018) subsequent to the date on which the complainant's computer was accessed (16.5.2018) (note 1.3.2019, p. 4-5). 1.4. On 17 May 201934 KB (5,420 words) - 15:51, 6 December 2023
- DSB (Austria) - D123.921/0005-DSB/2019 (category Article 12(4) GDPR)2016/679 (General Data Protection Regulation - GDPR), OJ No. L119 of 4.5. 2016; §§ 4 Paragraph 6, 24 Paragraph 1 and 5 of the Data Protection Act - DSG, Federal42 KB (6,592 words) - 13:58, 12 May 2023
- AEPD (Spain) - PS/00028/2020 (category Article 6 GDPR)aviolation of article 6 of the RGPD, typified in article 83.5 of the RGPD, in relation towith article 72.1 b) of the LOPDGDD, a fine of € 4,000 (four thousand14 KB (2,075 words) - 13:48, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9269629 (category Article 5(1)(f) GDPR)Consequently, based on Article 83(5)(a) GDPR, the hospital was fined to pay a fine of EUR 30.000,00 for violation of Article 5(1)(f) GDPR. Corrective measures38 KB (5,724 words) - 15:47, 6 December 2023
- HDPA (Greece) - 25/2022 (category Article 5(1)(a) GDPR)principles of article 5 par. 1 GDPR. It's not a coincidence that the GDPR includes accountability (already mentioned above article 5 par. 2 GDPR) in the regulation48 KB (7,803 words) - 13:29, 11 October 2022
- AEPD (Spain) - EXP202206542 (category Article 5(1) GDPR)***NIF.1, in accordance with article 58.2.d) of the GDPR, for a violation of article 13 of the GDPR typified in article 83.5.b) of the aforementioned Regulation24 KB (3,749 words) - 13:19, 13 December 2023
- AEPD (Spain) - EXP202204461 (category Article 5(1)(f) GDPR)Therefore, Article 5(1)(f) GDPR was considered violated by the community of owners as a whole and a fine according to Article 83(5) GDPR was imposed.24 KB (3,631 words) - 13:20, 13 December 2023
- Datatilsynet (Norway) - 20/04401 (category Article 6(1) GDPR)Ordinance, Article 4, No. 7 for the person in question the credit check made by complainants. 5. Legal basis for obtaining credit information 5.1. In particular40 KB (5,988 words) - 19:04, 5 March 2022
- Garante per la protezione dei dati personali (Italy) - 9542155 (category Article 5(2) GDPR)treatment referred to in Articles 5 and 9 of the Regulations (Article 5, par. 1, letter f) of the Regulations). With a note dated 11.4.2019 (prot.n.46587), the26 KB (4,162 words) - 15:54, 6 December 2023
- Datatilsynet (Denmark) - 2019-431-0048 (category Article 28(1) GDPR)municipalities has not complied with Article 28 (1) of the Data Protection Regulation. Article 32 (3) (f), cf. Article 32, as the company has not implemented18 KB (2,633 words) - 16:36, 6 December 2023
- DSB (Austria) - 2020-0.816.655 (category Article 4(16)(a) GDPR)and (b) GDPR). However, Art. 14(1) to (4) GDPR shall not apply if and to the extent that the data subject already has the information (para. 5 leg. cit28 KB (4,230 words) - 13:53, 12 May 2023
- NAIH (Hungary) - NAIH-2020/2204/8 (category Article 12(4) GDPR)Sections 3, 4, 6, 11, 12, 13, 16, 17, 21, 23-24. Section 4 (5), Section 5 (3) to (5), (7) and (8), Section 13 (2) § 23, § 25, 25 / G. § (3), (4) and (6),60 KB (9,820 words) - 10:08, 17 November 2023
- CNPD (Luxembourg) - Délibération n° 21FR/2021 (category Article 5(1)(c) GDPR)company was not compliant with Article 13 GDPR. The CNPD held that the controller infringed Article 5(1)(c) GDPR and Article 13 GDPR and decided to: - impose52 KB (7,520 words) - 13:13, 20 July 2021
- Tietosuojavaltuutetun toimisto (Finland) - TSV/26/2020 (category Article 5(1)(e) GDPR)violated Article 5(1)(e) GDPR and Article 25(2) GDPR. As a result, the DPA issued a reprimand to the controller in accordance with Article 58(2)(b) GDPR. Pursuant77 KB (12,352 words) - 07:20, 23 April 2024
- APD/GBA (Belgium) - 82/2020 (category Article 6(1) GDPR)more personal data than strictly necessary within the meaning of Article 5(1)(c) of the GDPR. The FPS Finance therefore does not comply with the data minimization124 KB (18,772 words) - 17:01, 12 December 2023
- Rb. Den Haag - C/09/581973/KG ZA 19/1024 (category Article 82 GDPR)pursuant to Article 12(3) of the AVG. If, as in this case, such a decision is taken by an administrative body, then, pursuant to Article 34 of the GDPR Implementing20 KB (3,086 words) - 16:15, 10 March 2022
- FG München - Auskunftsanspruch nach Art. 15 DSGVO (category Article 15(3) GDPR)"lifting". (4.2) Exclusions (4.2.1) GDPR and AO restrictions 145 According to Art. 15 Para. 1 GDPR, the person concerned (Art. 4 No. 1 GDPR) has a right97 KB (16,519 words) - 09:57, 22 February 2023
- Datatilsynet (Denmark) - 2019-41-0043 (category Article 5(1)(a) GDPR)towards employees, cf. Articles 13 and 14 GDPR complied with the principle of transparency in Article 5 (2) (1) (a) GDPR, which according to the Authority's26 KB (3,931 words) - 16:25, 6 December 2023
- AEPD (Spain) - PS/00251/2020 (category Article 37(1)(b) GDPR)company result in a breach of Article 37 GDPR? The Spanish DPA (AEPD) found that Conseguridad SL had violated Article 37(1)(b) GDPR by not having designated15 KB (2,245 words) - 14:22, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9509515 (category Article 5(1)(a) GDPR)on the basis of Article 9 (2) (B) GDPR in conjunction with Article 32 GDPR" (see note cited, p. 4) (see footnote cit., p. 5-8). 1.6. On 4.8.2020, at the33 KB (5,342 words) - 15:52, 6 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 8393/161/2019 (category Article 5(1)(c) GDPR)with Article 5 (1) (a) and Article 6 (1) (f) GDPR. Thus, the controller failed to comply with the accountability principle under Article 5 (2) GDPR. Second111 KB (17,604 words) - 13:08, 3 March 2024
- AEPD (Spain) - PS/00215/2020 (category Article 5(1)(c) GDPR)processed (data minimization), would that be an infringement of the Article 5.(1)(c) GDPR? The AEPD held, that it is responsibility of the demandant to make18 KB (2,721 words) - 14:11, 13 December 2023
- LfD (Lower Saxony) - notebooksbilliger.de (category Article 5 GDPR)Niedersachsen fined notebooksbilliger.de €10,4 million, their highest fine issued so far under the applicability of the GDPR. Share your comments here! Share blogs7 KB (859 words) - 08:24, 18 January 2021
- AEPD (Spain) - E/00739/2021 (category Article 12(5) GDPR)exercising their rights in bad faith. The AEPD brought forward Article 12(5) GDPR, as well as Article 7 of the Spanish Civil Code, that states that rights must29 KB (4,607 words) - 13:38, 13 December 2023
- AEPD (Spain) - PS/00357/2020 (category Article 13 GDPR)accordance with provided for in article 58.2.b) of the RGPD, for an infringement of article 13 of the RGPD, typified in article 83.5 of the RGPD, a warning sanction20 KB (3,075 words) - 14:32, 13 December 2023
- Court of Appeal of Brussels - 2021/AR/205 (category Article 6 GDPR)licensing rights with Y2 4. 2016: [title number 4]: Master rights for the record company XY = X with exclusive rights with Y2 5. 2018: [Title 5]: Master rights92 KB (14,873 words) - 09:03, 20 August 2021
- AEPD (Spain) - EXP202204530 (category Article 83(5)(b) GDPR)of €10,000.00. claimed, for the violation of article 6.1 of the RGPD, typified in article 83.5.a) of the GDPR. C/ Jorge Juan, 6 www.aepd.es 28001 – Madrid26 KB (3,971 words) - 13:26, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 47FR/2021 (category Article 5(1)(c) GDPR)processing operations should not be disproportionate.5 disproportionate.5 16. Article 5(1)(b) of the GDPR provides that personal data must be be "collected69 KB (11,315 words) - 13:30, 19 January 2022
- Garante per la protezione dei dati personali (Italy) - 9856694 (category Article 5(1)(a) GDPR)applicable to the controller, including Articles 5(1)(a) and 6 GDPR. As a matter of fact, Articles 5(1)(a) and 6 GDPR set general principles and conditions of49 KB (7,758 words) - 15:44, 6 December 2023
- AEPD (Spain) - PS/00308/2020 (category Article 5(1)(a) GDPR)third party, breach Article 6(1) GDPR? The Spanish DPA (AEPD) referred to the principle of lawfulness, fairness and transparency (Article 5(1)(a)), as well25 KB (4,016 words) - 14:27, 13 December 2023
- AEPD (Spain) - PS/00043/2020 (category Article 83(5) GDPR)it on the internet, in accordance with the provisions of article 65.4 of Organic Law 3/2018, of 5 December, Protection of Personal Data and guarantee of24 KB (3,838 words) - 13:51, 13 December 2023
- AEPD (Spain) - PS/00004/2020 (category Article 5(1)(c) GDPR)the infringement of the data minimisation principle specified at Article 5(1)(c) GDPR, as the defendant agreed to an early and guilty voluntary payment18 KB (2,798 words) - 13:44, 13 December 2023
- AEPD (Spain) - PS/00273/2020 (category Article 17 GDPR)DPA (AEPD) imposed a €1000 fine on a beauty salon for breaching Article 17 GDPR and Article 21 LSSI. The salon sent a marketing SMS to a client months after15 KB (2,337 words) - 14:24, 13 December 2023
- AEPD (Spain) - PS/00415/2020 (category Article 5 GDPR)imposed a fine of €60000 for the violating Article 5(1)(d) GDPR and €30000 for violating Article 5(1)(f) GDPR. In imposing the fine, the AEPD factored in30 KB (4,436 words) - 14:36, 13 December 2023
- AEPD (Spain) - EXP202206302 (category Article 83(5)(a) GDPR)sanctioning procedure, under Article 83(5)(a) of the GDPR, against AAA on 21 December 2022, due to a infringement of Article 6. AAA was the father of the28 KB (4,608 words) - 13:27, 13 December 2023
- APD/GBA (Belgium) - 105/2023 (category Article 5(1)(a) GDPR)pursuant to Article 100, §1, 5° WOG, to order a disqualification for the violation of Article 5.1, a), Article 5.2, Article 6, Article 12.1, Article 14.1 a)102 KB (15,787 words) - 07:39, 6 September 2023
- HDPA (Greece) - 9/2024 (category Article 5(1)(a) GDPR)fine of €6,000 imposed for violation of Article 32 GDPR and a fine of €5,000 for the violation of Article 5(1)(a) GDPR. Additionally instructed the erasure102 KB (17,186 words) - 13:46, 26 April 2024
- APD/GBA (Belgium) - 42/2020 (category Article 4(7) GDPR)of minimum data processing (Article 5.1. c) GDPR). 33. In order to check whether the third condition of Article 6.1 f) GDPR - the so-called "Balancing test"30 KB (4,871 words) - 16:58, 12 December 2023
- AEPD (Spain) - PS/00333/2019 (category Article 5 GDPR)infringement of article 5.1(b), as defined in Article 83(5)(a) and considered for the purposes of the statute of limitations in Article 72(1)(a), a fine16 KB (2,625 words) - 14:29, 13 December 2023
- EFTA Court - Joined Cases E-11/19 and E-12/19 (category Article 57(3) GDPR)in relation to proceedings under Article 78(1) of the GDPR. The Court notes that Article 58(4) and Article 78 of the GDPR give expression to the right to59 KB (8,242 words) - 10:47, 17 March 2021
- AP (The Netherlands) - z2018-02009 (category Article 32 GDPR)DPA 5. The General Data Protection Regulation (hereinafter: the GDPR) applies on 25 May 2018 become. The GDPR imposes the same obligation in Article 3233 KB (5,112 words) - 17:10, 12 December 2023
- AEPD (Spain) - PS/00009/2020 (category Article 6(1) GDPR)is typified in Article 83.5 of the RGPD, which considers as such:C / Jorge Juan, 6www.aepd.es28001 - Madridsedeagpd.gob.es Page 5 5/11"5 . Violations of27 KB (4,150 words) - 13:45, 13 December 2023
- AEPD (Spain) - PS/00060/2020 (category Article 83(5)(e) GDPR)personal data under Article 15 GDPR? The Spanish DPA held that the airline company had not complied with the right to access in Article 15 GDPR when it refused23 KB (3,695 words) - 13:53, 13 December 2023
- AEPD (Spain) - PS/00397/2019 (category Article 5(1)(c) GDPR)according to Article 12 GDPR and Article 13 GDPR and to maintain a record of the processing activities under its responsibility according to Article 30(1) GDPR18 KB (2,741 words) - 14:34, 13 December 2023
- Rb. Limburg - C/03/278775 / HA RK 20-119 (category Article 35 GDPR)Pursuant to Article 21(1) of the GDPR, persons such as [the claimant] can object to the processing of their personal data on the basis of Article 6(1)(e) or16 KB (2,580 words) - 10:43, 23 September 2020
- UODO (Poland) - DKN.5112.13.2020 (category Article 5(1)(a) GDPR)in line with the principle of lawfulness in Article 5(1)(a) GDPR, as none of the conditions of Article 6 GDPR were satisfied. The data disclosed in the land60 KB (9,755 words) - 09:58, 17 November 2023
- DSB (Austria) - 2022-0.332.606 (category Article 5(1)(a) GDPR)case fell under the household exception found in Article 2(2)(c) GDPR. According to this provision, the GDPR does not apply to the processing of personal data21 KB (3,166 words) - 13:43, 12 May 2023
- LAG Mecklenburg-Western Pomerania - 5 Sa 108/19 (category Article 37 GDPR)2019, GDPR Art. 37, para. 1; Döpfler , EU-GDPR and BDSG, 2nd edition 2020, GDPR Art. 37, marginal 1; Paal / Pauly, DS-GVO BDSG, 2nd ed. 2018, GDPR Art.48 KB (7,320 words) - 12:44, 4 October 2021
- APD/GBA (Belgium) - 72/2020 (category Article 5(1)(b) GDPR)eu/newsroom/article29/item-detail.cfm?item_id=623051) 5 These guidelines have since been replaced by a new EDPB document adopted on May 4, 2020. (https://edpb34 KB (5,677 words) - 17:00, 12 December 2023
- AEPD (Spain) - PS/00227/2019 (category Article 6(1)(a) GDPR)against the defendant for the alleged infringement of Article 6.1(a) of the RGPD, as defined in Article 83.4 of the RGPD. FOURTH: Upon notification of the above-mentioned36 KB (5,821 words) - 14:20, 13 December 2023
- AEPD (Spain) - PS/00291/2020 (category Article 5(1)(f) GDPR)- Madrid sedeagpd.gob.es 4/4 The exposed facts suppose, on the part of the claimed, the commission of the infraction of article 22.2 of the LSSI. This offense15 KB (2,246 words) - 14:26, 13 December 2023
- AEPD (Spain) - PS/00306/2019 (category Article 5(1)(c) GDPR)that meets the contemplated requirements-two in article 5 of Law 5/2014 on Private Security, of April 4.- Camcorders cannot capture images of people who22 KB (3,421 words) - 14:27, 13 December 2023
- AEPD (Spain) - PS/00450/2019 (category Article 5(1)(f) GDPR)Digital Rights (LOPDGDD), for the infringement of Article 5.1 f) of the RGPD, typified in Article 83.5 a) of the RGPD and considered very serious in 7217 KB (2,620 words) - 14:43, 13 December 2023
- UODO (Poland) - DKN.5130.1354.2020 (category Article 5(1)(f) GDPR)expressed in Article 5 (1 ) (a)) f, and reflected in the obligations set out in Article 24 (1), Article 25 (1), Article 32 (1 ) (b ) and (d) and Article 32 (2)74 KB (11,513 words) - 09:58, 17 November 2023
- HDPA (Greece) - 53/2022 (category Article 5(1)(a) GDPR)his compliance with the principles of article 5 par. 1 of the GDPR. 5. Furthermore, Article 6 para. 1 of the GDPR provides, among other things, that the50 KB (8,004 words) - 04:49, 14 December 2022
- AEPD (Spain) - E/08210/2021 (category Article 4(22) GDPR)authority. Under Article 60 GDPR, the following DPAs were identified as “concerned supervisory authorities” under Article 4(22) GDPR: the Netherlands,29 KB (4,457 words) - 10:34, 13 December 2023
- AEPD (Spain) - PS/00430/2018 (category Article 4(7) GDPR)( *** POSITION 1) for an infraction of Article 6.1.f) of the GDPR, in accordance with Article 83.5 of the GDPR ”. In the face of it, no allegations have40 KB (6,508 words) - 14:39, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9698724 (category Article 5(1)(a) GDPR)and 83, para. 4 and 5, of the same Regulation, as also referred to by art. 166, paragraph 2, of the Code. 5. Corrective measures (Article 58, par. 2, letter83 KB (13,648 words) - 11:30, 16 August 2022
- AEPD (Spain) - E/08452/2019 (category Article 4(12) GDPR)found that there had been a “personal data breach” pursuant to Article 4 (12) of the GDPR as a result of the publication on the municipal website regarding11 KB (1,651 words) - 13:42, 13 December 2023
- AEPD (Spain) - PS/00191/2020 (category Article 5(1)(c) GDPR)constitute a breach of Article 5(1)(c) GDPR? The AEPD held, that the actions of the defendant constitute an infringement of Article 5(1)(c) GDPR " Data Minimisation20 KB (2,973 words) - 14:09, 13 December 2023
- AEPD (Spain) - EXP202200429 (category Article 5(1)(c) GDPR)infringement of the GDPR, articles: -12 of the GDPR, in accordance with article 83.5.b) of the GDPR and 72.1.k) of the LOPDGDD, and -5.1.c) of the GDPR, in accordance56 KB (9,356 words) - 10:43, 13 December 2023
- CNPD (Luxembourg) - Délibération n° 13FR/2023 (category Article 5(1)(b) GDPR)their employees. The DPA found a violation of Article 5(1)(b) GDPR, Article 5(1)(c) GDPR and Article 13 GDPR. Following a visit to the premises of two public96 KB (13,984 words) - 16:57, 6 December 2023
- APD/GBA (Belgium) - 61/2020 (category Article 5(1)(d) GDPR)investigation,4 Article 98, 3 ° WOG - the parties are informed of “the possibility to obtain any documents they consider useful in thefile. ”5 Recital 20 GDPR. Page41 KB (6,354 words) - 16:59, 12 December 2023
- AEPD (Spain) - PS/00051/2020 (category Article 6(1)(a) GDPR)withdrawal of consent under Article 7(3) GDPR. The Authority also considers the existence of a deletion request under Article 17 GDPR. The AEPD concludes that31 KB (4,853 words) - 13:52, 13 December 2023
- limit of Section 5 no. 2 FM-GwG, so the duties of care set out in Section 5 no. 2 FM-GwG do not apply to the complainant. Pursuant to § 5 Z 4 FM-GwG, the obliged33 KB (5,254 words) - 13:33, 12 May 2023
- Garante per la protezione dei dati personali (Italy) - 9445324 (category Article 5(1)(a) GDPR)for in Article 83, paragraph 5, of the Regulation applicable, pursuant to Article 58, paragraph 2, letter i), of the Regulation itself and Article 166, paragraph19 KB (2,989 words) - 15:51, 6 December 2023
- AEPD (Spain) - PS/00335/2019 (category Article 6(1)(a) GDPR)subjects infringes Article 6 (1) (a) GDPR. The AEPD fined the data processor in an amount of 4,000 Euro for the violation of Article 6 (1) (a) GDPR. Since the21 KB (3,281 words) - 14:30, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 8040/163/2019 (category Article 4(11) GDPR)(f) and 5 (3) of Directive 2002/58, read in conjunction with Article 2 (h) of Directive 95/46 and Regulation 2016/679 4 Article 6 (11) and Article 6 (1)29 KB (4,610 words) - 13:07, 3 March 2024
- AKI (Estonia) - 2.1-3/20/172 (category Article 16 GDPR)implement Regulation 2016/679 in order to comply with Article 84 and the right / obligation under Article 58 (5) of the Regulation to effectively punish the perpetrators28 KB (4,711 words) - 10:30, 13 December 2023
- AEPD (Spain) - PS/00436/2021 (category Article 13(1) GDPR)that, in cases of video surveillance, Article 22.4 LOPDGDD provides that the duty of disclosure in Article 12 GDPR may be fulfilled by placing a sign near20 KB (3,085 words) - 12:24, 13 December 2023
- AEPD (Spain) - EXP202201681 (category Article 13 GDPR)violation of article 5.1.f) of the GDPR (LCEur 2016, 605) , typified in article 83.5.a) of the GDPR, a penalty of warning, of in accordance with article 77 of195 KB (30,495 words) - 12:40, 13 December 2023
- AP (The Netherlands) - 10.12.2020 (Booking.com) (category Article 33(1) GDPR)controller within the meaning of Article 4(7) of the AVG. 3.4 Violation regarding the reporting of a violation 3.4.1 Introduction Article 33(1) of the AVG stipulates77 KB (12,915 words) - 17:15, 12 December 2023
- AEPD (Spain) - PS/00123/2020 (category Article 5(1)(f) GDPR)for the alleged violation of Article 5.1.f) of the RGPD, in relation to article 5 of the LOPDGDD, as indicated in article 83.5 a) of the RGPD. The telematic21 KB (3,254 words) - 14:02, 13 December 2023
- AEPD (Spain) - PS/00050/2020 (category Article 5(1)(a) GDPR)restaurant owner lawful in line of Article 5(1)(a) GDPR? The Spanish DPA concluded that there has been a breach of Article 5(1)(a) GDPR because the uploading of31 KB (5,083 words) - 13:51, 13 December 2023
- AEPD (Spain) - TD/00261/2020 (category Article 12 GDPR)provided in articles 12.5 and 15.3 of Regulation (EU) 2016/679 and in the sections 3 and 4 of article 13 of this organic law. " FIFTH: Article 15 of the RGPD provides23 KB (3,523 words) - 14:46, 13 December 2023
- AEPD (Spain) - EXP202211953 (category Article 5(1)(a) GDPR)adequate information under Article 13 GDPR, and for the processing of personal data in a manner contrary to Article 5(1)(a) of the GDPR. A data subject submitted85 KB (13,042 words) - 12:42, 13 December 2023
- AEPD (Spain) - PS/00332/2019 (category Article 5(1)(c) GDPR)2012 to 2019 that it was operating. Following Article 83(5)(a)GDPR, read in the lights of Recital (148) GDPR, the AEPD issued a reprimand to the owner of15 KB (2,275 words) - 14:29, 13 December 2023
- AEPD (Spain) - PS/00257/2020 (category Article 37 GDPR)specified time". In this sense, Article 77.1 c) and 2, 4 and 5 of the LOPGDD, indicates: 1. The regime established in this article shall apply to the processing18 KB (2,737 words) - 14:23, 13 December 2023
- AEPD (Spain) - PS/00152/2020 (category Article 33 GDPR)foundation was responsible for violating Article 33 GDPR, and issued it with a warning pursuant to Article 58(2)(b) GDPR. The AEPD did not find the former Secretary27 KB (4,243 words) - 14:06, 13 December 2023
- AEPD (Spain) - EXP202204806 (category Article 5(1)(b) GDPR)recorded images” (folio nº 1). SECOND: In accordance with article 65.4 of Organic Law 3/2018, of 5 December, of Protection of Personal Data and guarantee15 KB (2,313 words) - 10:35, 13 December 2023
- VG Mainz - 1 K 584/19.MZ (category Article 9(1) GDPR)infringes the basic data protection regulation depends on Art. 5 ff. DSGVO. Under Article 5(1)(a) DSGVO, personal data must be processed in a lawful manner58 KB (9,665 words) - 08:51, 25 November 2020
- OGH - 6Ob56/21k (request for preliminary ruling under Article 267 TFEU) (category Article 5(1)(c) GDPR)requirements of Article 6(1)(a) in conjunction with Article 7 GDPR, which cannot be superseded by relying on Article 6(1)(b) GDPR? Is Article 5(1)(c) GDPR (data122 KB (20,253 words) - 08:17, 19 August 2021
- AEPD (Spain) - PS/00369/2019 (category Article 5(1)(c) GDPR)inform the affected parties as provided for in Article 12 GDPR and Article 13 GDPR. According to Article 30(1) GDPR a record must be kept by the responsible28 KB (4,371 words) - 14:33, 13 December 2023
- HDPA (Greece) - 29/2023 (category Article 5(1)(c) GDPR)controller had violated Article 5(1)(c) GDPR and Article 15 GDPR. Firstly, the HDPA found that the controller violated Article 5(1)(c) GDPR because its transmission21 KB (3,334 words) - 09:12, 25 October 2023
- AEPD (Spain) - TD/00233/2020 (category Article 17 GDPR)free circulation of these data (hereinafter, GDPR); and in article 47 of the Law Organic 3/2018, of December 5, Protection of Personal Data and guarantee17 KB (2,670 words) - 14:46, 13 December 2023
- AP (The Netherlands) - 10.12.2020 (locatefamily.com) (category Article 27(1) GDPR)personal data within the meaning of Article 4, opening words and (1) of the AVG. Based on Article 2, paragraph 1 and Article 3, paragraph 2, of the AVG, the38 KB (6,339 words) - 17:14, 12 December 2023
- CNPD (Luxembourg) - Délibération n° 38FR/2021 (category Article 37(7) GDPR)Protection Officer (DPO) under Section 4 of Chapter 4 of the GDPR (see in particular Article 37 GDPR to Article 39 GDPR). One of these audit proceedings concerned81 KB (11,895 words) - 16:58, 6 December 2023
- Court of Appeal of Brussels - 2022/AR/1085 (category Article 52 GDPR)the grounds of (i) the absence of a high risk within the meaning of Article 35.5 GDPR and (ii) the fact that the present complaint is only a side dispute30 KB (4,204 words) - 09:54, 14 December 2023
- AEPD (Spain) - TD/00133/2020 (category Article 12 GDPR)has been received. Does the GDPR allow the data controller to ignore a request for erasure? The AEPD found that Article 12 GDPR does not allow the data controller18 KB (2,721 words) - 14:51, 13 December 2023
- AEPD (Spain) - EXP202206825 (category Article 6(1) GDPR)party was charged with claimed a violation of article 5.1.c) of the RGPD, typified in article 83.5.a) of the GDPR; considering that capturing images of shared31 KB (4,864 words) - 13:27, 13 December 2023
- established facts. Complaint part 3 is unfounded. Complaint part 4 (violation of the GDPR) 5.5. Like the chamber, the court finds that the junior civil-law16 KB (2,099 words) - 12:30, 4 October 2021
- AEPD (Spain) - PS/00221/2020 (category Article 14 GDPR)for an infringement of article 14 of the RGPD, typified in article 83.5 of the RGPD, a warning sanction, in in relation to article 74.a) of the LOPDGDD.29 KB (4,537 words) - 14:19, 13 December 2023
- AZOP (Croatia) - Decision 21-01-2022 (category Article 5(1)(a) GDPR)basis to process data subject’s phone number, and violated Article 5 and Article 6 GDPR. Second, the DPA found that data subject was insufficiently informed18 KB (2,722 words) - 15:26, 30 October 2023
- APD/GBA (Belgium) - 42/2022 (category Article 6(1)(f) GDPR)policy of the Disputes Chamber. 4 Cf. criterion A.5. in the dismissal policy of the Disputes Chamber. 5 Article 15.3 GDPR: “The right to obtain a copy referred13 KB (1,908 words) - 08:54, 29 June 2023
- CNPD (Luxembourg) - Délibération n° 41FR/2021 (category Article 37(7) GDPR)Protection Officer (DPO) under Section 4 of Chapter 4 of the GDPR (see in particular Article 37 GDPR to Article 39 GDPR). One of these audit proceedings concerned56 KB (8,326 words) - 16:57, 6 December 2023
- AEPD (Spain) - PS/00452/2019 (category Article 83(5)(a) GDPR)GPRD), an offense under Article 83(5)(a) of the GPRD and described as very serious in article 72.1. a) of Organic Law 3/2018 of 5 December, on Protection25 KB (4,037 words) - 14:55, 13 December 2023
- AEPD (Spain) - PS/00112/2020 (category Article 13 GDPR)infringement of article 21.1 of the LSSI, typified in Article 38.4.d) of theLSSI, a sanction of warning.B) For an infringement of article 13 of the RGPD29 KB (4,402 words) - 14:00, 13 December 2023
- APD/GBA (Belgium) - 04/2021 (category Article 5(1) GDPR)of the GDPR: art. 5.1 a, 12.1, 13, 14, 6, 7, 5.1.c in conjunction with 25, 5.2, 28.3, 31, 37 and 38 AVG. 63. With regard to Article 5 (1) (a) GDPR, the defendant113 KB (18,732 words) - 16:50, 12 December 2023
- AEPD (Spain) - EXP202203956 (category Article 6(1) GDPR)hereinafter, LPACAP), for the alleged infringement of Article 6.1 of the GDPR, typified in Article 83.5 of the GDPR. FIFTH: Notified of the aforementioned start-up52 KB (8,323 words) - 13:17, 13 December 2023
- HDPA (Greece) - 50/2021 (category Article 5(1)(a) GDPR)information in accordance with Article 13 GDPR. In addition, the HDPA found that the Ministry violated the obligation of Article 35(9) GDPR in relation to the expression5 KB (548 words) - 09:23, 12 October 2022
- APD/GBA (Belgium) - 157/2023 (category Article 21(2) GDPR)merits in accordance with Article 98 et seq. of the WOG, to: - on the basis of Article 58.2.c) of the GDPR and Article 95, § 1, 5° of the WOG the order the17 KB (2,723 words) - 16:34, 26 January 2024
- AEPD (Spain) - PS/00076/2021 (category Article 6(1) GDPR)procedure to the claimed, by the alleged violation of Article 6 of the RGPD, typified in Article 83.5 b) of the RGPD. SIXTH: Notified the initiation agreement15 KB (2,292 words) - 13:56, 13 December 2023
- AEPD (Spain) - PS/00366/2019 (category Article 5(1)(d) GDPR)authorities an infringement of Article 5 (1) (d) GDPR? The AEPD agreed to impose a penalty for infringement of Article 5 (1) (d) for lack of accuracy in29 KB (4,583 words) - 14:32, 13 December 2023
- GHDHA - 200.274.807 / 01 (category Article 6(1)(f) GDPR)her life. Her objection to processing follows from Article 21(1) GDPR. ING argues that Article 21(1) GDPR cannot be relied on in this case because it applies29 KB (4,710 words) - 12:25, 4 October 2021
- BAG - 9 AZR 383/19 (category Article 38(3) GDPR)force of the GDPR, the controller also sent him a separate revocation letter referring to the operational reasons under Article 38(3) GDPR, second sentence40 KB (6,019 words) - 14:13, 28 November 2023
- AEPD (Spain) - TD/00317/2019 (category Article 12 GDPR)2 2/6THIRD: On October 30, 2019, in accordance with article 65.4 ofOrganic Law 3/2018, of December 5, on the Protection of Personal Data andguarantee of18 KB (2,591 words) - 14:47, 13 December 2023
- AEPD (Spain) - TD/00164/2020 (category Article 12 GDPR)provisions of articles 12.5 and 15.3 of the Regulation (EU) 2016/679 and in sections 3 and 4 of article 13 of this organic law. " FIFTH: Article 17 of the RGPD provides17 KB (2,571 words) - 14:51, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 3831/161/21 (category Article 5(1)(e) GDPR)Finnish DPA found a retail chain to have breached Article 5(1)(e) GDPR, Article 25(1) GDPR and Article 25(2) GDPR for its lengthy storage of purchase behaviour61 KB (9,477 words) - 13:38, 12 January 2024
- Garante per la protezione dei dati personali (Italy) - 9269618 (category Article 5(1)(f) GDPR)personal data, approved with resolution of n. 98 of 4/4/2019, published in the Official Gazette no. 106 of 8/5/2019 and in www.gpdp.it, doc. web no. 910763334 KB (4,967 words) - 15:46, 6 December 2023
- DSB (Austria) - 2020-0.605.768 (category Article 40 GDPR)conducts under Article 41 GDPR (redacted as "code S***", code M*** and code U***"). These codes had been approved by the DSB under Article 40(5) GDPR. Inverstigations19 KB (2,799 words) - 13:52, 12 May 2023
- AEPD (Spain) - EXP202200439 (category Article 83(5)(a) GDPR)constitutes sensitive data within the meaning of Article 9 GDPR. The DPA alluded to Article 9(1) GDPR which prohibits the processing of these special categories36 KB (5,608 words) - 13:01, 13 December 2023
- AEPD (Spain) - PS/00102/2020 (category Article 5(1)(f) GDPR)with NIF A95758389, for the alleged violation of article 5.1 f) of the RGPD,typified in article 83.5 a) of the RGPDSECOND: ORDER IBERDROLA CLIENTES, SAU21 KB (3,082 words) - 13:59, 13 December 2023
- AEPD (Spain) - PS/00069/2020 (category Article 83(5) GDPR)Procedure"), LPACAP), for the alleged violation of Article 6.1.a) of the RGPD, typified in Article 83.5 of the GPRS. FOURTH: Once the above-mentioned agreement20 KB (3,066 words) - 13:55, 13 December 2023
- AEPD (Spain) - PS/00423/2019 (category Article 13 GDPR)information under Article 13 GDPR is illegal. Consequently, the APED decided to issue a fine of €1.500 for the violation of Article 13 GDPR. Share your comments23 KB (3,636 words) - 14:38, 13 December 2023
- Datatilsynet (Norway) - 20/01879 (category Article 24 GDPR)able to demonstrate this, cf. Article 5 (2). 5.4 The requirements for personal data security and management systems Article 32 of the Privacy Regulation30 KB (4,302 words) - 18:53, 5 March 2022
- AEPD (Spain) - PS/00235/2020 (category Article 6(1) GDPR)(hereinafter, LPACAP), for the alleged violation of Article 6.1 of the RGPD, typified in Article 83.5 of the RGPD. FIFTH: Once the aforementioned start-up24 KB (3,766 words) - 14:21, 13 December 2023
- AEPD (Spain) - PS/00220/2020 (category Article 5(1)(d) GDPR)claimed, by the alleged infringement of article 5.1.d) of the RGPD, article 17 of the RGPD, typified in the Article 83.5 of the RGPD. FOURTH: Once the aforementioned28 KB (4,295 words) - 14:11, 13 December 2023
- AEPD (Spain) - PS/00484/2020 (category Article 6(1)(a) GDPR)messages. Is this a violation of Article 6(1)(a) GDPR? The AEPD held that this behaviour was a violation of Article 6(1)(a) GDPR and fined Vodafone €100,00027 KB (4,189 words) - 14:44, 13 December 2023
- HDPA (Greece) - 47/2022 (category Article 28(3) GDPR)subject to the provision of Article 25(4) of Law 1756/88. Consequently, its provisions were not applicable in this case of Article 5 of the Civil Code and the25 KB (3,943 words) - 14:32, 28 September 2022
- AEPD (Spain) - PS/00198/2020 (category Article 6(1) GDPR)measurespre-contractual;(…) "The offense is typified in Article 83.5 of the RGPD, which considers as such:"5 . Violations of the following provisions will be24 KB (3,769 words) - 14:10, 13 December 2023
- AEPD (Spain) - PS/00173/2020 (category Article 5(1)(d) GDPR)for the allegedviolation of article 5.1.f) of the RGPD, sanctioned in accordance with the provisions of theArticle 83.5.a) of the aforementioned RGPD22 KB (3,424 words) - 14:06, 13 December 2023
- Persónuvernd - 2020010678 (category Article 5(1) GDPR)the provisions of Act no. 33/2013 on consumer loans, ie. Article 5 (now k) Article 5 and Article 10. which stipulate that the consumer's credit rating is26 KB (4,135 words) - 09:59, 6 May 2021
- Cass.Civ. - 9313/2023 (category Article 12(5) GDPR)there was a wrong application of Articles 12 and 15 GDPR. The DPA highlighted that Article 12 GDPR burdens the controller with the obligation to provide13 KB (1,994 words) - 14:01, 21 June 2023
- Garante per la protezione dei dati personali (Italy) - 9685947 (category Article 28 GDPR)personal data, approved by resolution no. 98 of 4/4/2019, published in the Official Gazette n. 106 of 8/5/2019 and in www.gpdp.it, doc. web n. 9107633 (hereinafter115 KB (18,595 words) - 11:30, 16 August 2022
- BVwG - W274 2232028-1/3E (category Article 5 GDPR)is only determined by Article 5 et seqq. GDPR. A violation of Article 13 or 14 GDPR can be fined under Article 83(5) GDPR but it does not affect the lawfulness32 KB (5,232 words) - 09:40, 10 September 2021
- AEPD (Spain) - EXP202205820 (category Article 6 GDPR)according to article 4.1 of the GDPR, are a Personal data and its protection, therefore, is the subject of said Regulation. In the article 4.2 of the GDPR defines61 KB (9,700 words) - 13:21, 13 December 2023
- AEPD (Spain) - PS/00026/2021 (category Article 21 GDPR)processor, Vamavi Phone SL, had violated Article 48(1) LGT, Article 21 GDPR in link with Article 23 LOPDGDD and Article 28 GDPR by making a commercial call on behalf33 KB (5,185 words) - 13:48, 13 December 2023
- AEPD (Spain) - PS/00479/2019 (category Article 5(1)(c) GDPR)minimisation principle related, as per Article 5(1)(c) GDPR, and the lack of transparent information, as per Article 12 GDPR. The decision is the consequence17 KB (2,541 words) - 14:43, 13 December 2023
- AKI (Estonia) - 2.1.-3/19/3971 (category Article 15 GDPR)provide data that the data subject already possesses under Articles 13(4) and 14(5) GDPR. Thus, the DPA found that the company has adequately fulfilled the4 KB (423 words) - 10:30, 13 December 2023
- AEPD (Spain) - PS/00334/2020 (category Article 6(1) GDPR)(hereinafter, LPACAP), for the alleged violation of Article 6.1 of the RGPD, typified in Article 83.5 of the GDPR. FIFTH: Once the aforementioned commencement16 KB (2,328 words) - 14:30, 13 December 2023
- AEPD (Spain) - PS/00113/2019 (category Article 5(1)(a) GDPR)for the alleged violation of Article 5.1.f) of the RGPD, in relation to article 5 of the LOPDGDD, as indicated in article 83.5 a) of the RGPD. FIFTH: Once23 KB (3,836 words) - 14:01, 13 December 2023
- CNIL (France) - SAN-2020-003 (category Article 5(1)(c) GDPR)principle, namely the breaches of articles 5-1-c), 5 -1 e), 13, 32 and 35-1 of the GDPR; no breach of Article 6 of the GDPR and of Directive 2002/58 / EC of the61 KB (10,028 words) - 17:09, 6 December 2023
- AEPD (Spain) - E/00113/2019 (category Article 4(11) GDPR)unequivocal consent to the processing of his personal data according to Article 4(11) GDPR. The AEPD noted that to determine whether FEDA, having regard to the27 KB (4,497 words) - 13:38, 13 December 2023
- AP (The Netherlands) - 31.05.2021 (category Article 32 GDPR)other things, article 4 paragraph 1 SUWI and the ZBO register of the Dutch central government. See article 2 paragraph 2 SUWI and article 4 paragraph 1 SUWI106 KB (14,502 words) - 17:09, 12 December 2023
- AEPD (Spain) - PS/00014/2020 (category Article 6(1) GDPR)SIXTH: On March 4, 2020, a motion for a resolution was formulated, A78923125, for a violation of article 6 of the RGPD, typified in article 83.5 of the RGPD21 KB (3,441 words) - 13:46, 13 December 2023
- APD/GBA (Belgium) - 71/2020 (category Article 4(1) GDPR)point 4.7. of the judgment article 6, d) and article 6, e) of the GBA law, but this should be read as article 6.1. d) and Article 6.1. e) of the GDPR. Decision79 KB (12,260 words) - 17:00, 12 December 2023
- Gerechtshof Amsterdam - 200.258.200/01 (category Article 6(1)(f) GDPR)ING's IVR. 2.4 [Appellant] subsequently asked ING on several occasions to remove its data from the IVR. ING did not comply with these requests. 2.5 ING informed16 KB (2,462 words) - 12:29, 4 October 2021
- BAC (Bulgaria) - 2606/2021 (category Article 4(12) GDPR)controller, under Article 24 and 32 of the GDPR, which led to a breach of the security of personal data under Article 4(12) of the GDPR, and no proof that13 KB (1,761 words) - 09:58, 14 December 2023
- AEPD (Spain) - PS/00291/2019 (category Article 6(1)(a) GDPR)MEDISALUD, dated February 28, 2019, in accordance with article 65.4 of Organic Law 3/2018, dated December 5, on the Protection of Personal Data and the Guarantee33 KB (5,396 words) - 14:26, 13 December 2023
- APD/GBA (Belgium) - 138/2022 (category Article 5(1)(a) GDPR)an infringement of Article 5 (1) a), b) and c) and (2) of the GDPR and Article 24 (1) of the GDPR; and - an infringement of article 8 of the law of 2143 KB (6,274 words) - 08:57, 29 June 2023
- AEPD (Spain) - PS/00040/2020 (category Article 15 GDPR)12/13 public, as indicated in article 77.1. c) and 2. 4. 5. and 6. of the LOPDDGG: “1. The regime established in this article will be applicable to the treatments38 KB (6,303 words) - 13:50, 13 December 2023
- AEPD (Spain) - PS/00054/2020 (category Article 5(1)(c) GDPR)violation of article 5.1.c), typified in article 83.5 of the aforementioned rule, a sanction of APPEARANCE. SECOND: ORDER, under the provisions of article 58.237 KB (6,022 words) - 13:52, 13 December 2023
- APD/GBA (Belgium) - 39/2020 (category Article 5(1)(f) GDPR)electoral rolls. In accordance with Article 14(5)(c) AVG, information must be provided in Article 14, paragraph 1 and Article 14(2) AVG are not mentioned when62 KB (10,509 words) - 16:58, 12 December 2023
- AEPD (Spain) - PS/00174/2019 (category Article 5(1)(f) GDPR)organisation contravene Article 5(1)(f) GDPR? The AEPD found that the disclosure of her personal data to the 400 members violated Article 5(1)(f) GDPR. The AEPD stressed18 KB (2,714 words) - 14:07, 13 December 2023
- AEPD (Spain) - PS/00028/2021 (category Article 5(1)(c) GDPR)(hereinafter, LPA- CAP), for the alleged violation of Article 5.1.c) of the RGPD, typified in Article 83.5 of the GDPR. SEVENTH: Once the aforementioned commencement25 KB (3,876 words) - 13:48, 13 December 2023
- AEPD (Spain) - PS/00182/2020 (category Article 6(1) GDPR)(hereinafter, LPACAP), for the alleged violation of Article 6.1 of the RGPD, typified in Article 83.5 of the RGPD. FIFTH: Once the aforementioned commencement21 KB (3,154 words) - 14:07, 13 December 2023
- APD/GBA (Belgium) - 74/2020 (category Article 6(1)(f) GDPR)the basis of Article 58, paragraph 2, point b) GDPR and Article 100, §1, 5 ° WOG to be reprimanded for the infringement of Article 25 (1) GDPR; b. on the82 KB (12,100 words) - 17:01, 12 December 2023
- Garante per la protezione dei dati personali (Italy) - 9468523 (category Article 5(1) GDPR)identity "(Article 4, par. 1, 1, of the GDPR). The processing of personal data must also take place in compliance with the principles indicated in art. 5 of the22 KB (3,488 words) - 15:52, 6 December 2023
- AZOP (Croatia) - Decision 29-06-2022 (Center for Social Welfare) (category Article 5 GDPR)under a legal obligation to process these data. Article 29 of the Croatian Labour Act and Article 5(4) of the Labour Law Rulebook (Official Gazette, no17 KB (2,660 words) - 15:35, 30 October 2023
- AEPD (Spain) - PS/00148/2019 (category Article 6 GDPR)against privacy included in Article 197(1) of the Spanish Criminal Code, with the aggravating circumstance from Article 197(5) of being data related to the48 KB (7,550 words) - 14:05, 13 December 2023
- AEPD (Spain) - PS/00341/2020 (category Article 5 GDPR)principles are found under Article 5(1)(a) and Article 5(2) GDPR respectively]. The Spanish DPA even made reference to Recital 40 GDPR on the legality of processing32 KB (4,831 words) - 14:31, 13 December 2023
- NAIH (Hungary) - NAIH-373-31/2023 (category Article 5(1)(b) GDPR)according to Article 4, point 11, as well as the Restrictions according to Article 7 GDPR. (149) According to Article 5 (1) point b) of the GDPR, personal140 KB (23,189 words) - 08:25, 20 February 2024
- IP - 0610-376/2020/35 (category Article 13(1) GDPR)should comply with the criteria set out in Article 6. (4) General Regulations. The application of Article 6 (4) of the General Regulation to a change in110 KB (17,995 words) - 11:15, 22 April 2021
- APD/GBA (Belgium) - 135/2022 (category Article 4(23) GDPR)held that the controller violated Article 12(1) GDPR, Article 12(2) GDPR, Article 15(1) GDPR and Article 15(3) GDPR. The controller had deleted the data39 KB (5,674 words) - 08:57, 29 June 2023
- DVI (Latvia) - SIA "TET" (category Article 5(1)(a) GDPR)violation of Article 5(1)(a), (b), (d) and (e) GDPR. Furthermore, there was no legal basis for these processing operations under Article 6(1) GDPR. The DPA114 KB (17,942 words) - 15:46, 2 November 2022
- ANSPDCP (Romania) - S.C. Viva Credit IFN S.A. (category Article 12(4) GDPR)a violation of GDPR Art. 17 and Art. 12(3) & (4). The National Supervisory Authority found that there had been a violation of the GDPR and imposed a fine4 KB (565 words) - 15:20, 13 December 2023
- AEPD (Spain) - PS/00023/2020 (category Article 5(1)(c) GDPR)the respondent, by the alleged violation of Article 5.1.c) of the RGPD, as defined in Article 83.5 of the GDPR. SIXTH: Formal notification of the agreement21 KB (3,298 words) - 13:46, 13 December 2023
- Persónuvernd (Iceland) - 2020061954 (category Article 14(1) GDPR)Point 6 of Article 3 Act no. 90/2018 and item 7 of Article 4. of Regulation (EU) 2016/679, cf. and the first and second paragraphs. Article 4 Epidemiology88 KB (14,189 words) - 09:58, 7 December 2021
- IMY (Sweden) - DI-2021-5595 (category Article 5(1)(f) GDPR)show that the basics the principles of Article 5 of the Data Protection Regulation are complied with (Article 5 (2)). The person responsible for personal47 KB (5,207 words) - 18:51, 21 March 2022
- VG Berlin - 1 K 90.19 (category Article 15 GDPR)number: 1 K 90.19 Document type: Judgment Source: Legal norms: § 59 (4) BDSG, § 113 (5) sentence 1 VwGO Tenor The defendant is ordered to provide the applicant10 KB (1,324 words) - 13:46, 15 September 2021
- UODO (Poland) - ZSZZS.440.768.2018 (category Article 5(1)(c) GDPR)connection with Article 5 paragraph 1 point c, Article 9 paragraph 1, Article 58 paragraph 2 point f, point g and point i and with Article 83 paragraph 232 KB (5,139 words) - 10:02, 17 November 2023
- GHAL - 200.256.387 (category Article 6(1)(c) GDPR)certain data to be delete. It brought a legal action based on Article 17 GDPR and Article 21 GDPR, read in conjunction with the Dutch Data Protection Act (Wet27 KB (4,289 words) - 07:57, 7 March 2022
- AEPD (Spain) - PS/00093/2019 (category Article 5(1)(f) GDPR)violation of Article 5.1.f) of the RGPD, an action that can be subsumed under the sanctioning type of article 83.5 of the RGPD. IV Article 58 of the RGPD37 KB (5,995 words) - 13:58, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 4431/161/21 (category Article 5(1)(a) GDPR)DPA held that the controller had violated Article 5(1)(a) GDPR, Article 5(1)(c) GDPR and Article 25(2) GDPR. As a result, the DPA issued a reprimand to54 KB (8,279 words) - 13:53, 21 March 2024
- Gerechtshof Amsterdam - 200.258.736/01 (category Article 15 GDPR)proceedings. 2.5 Subsequently, [appellants] submitted various requests to ABN AMRO relating to the provision of information. 2.6 By letter of 5 March 201841 KB (7,150 words) - 12:30, 4 October 2021
- Gerechtshof Amsterdam - 200.280.852/01 (category Article 6(1)(e) GDPR) (section Was the introduction of Proctorio compliant with the GDPR?)possible. 3.5.4 All in all, the conclusion is that there are insufficient grounds for granting the claim. The appeal of CSR et al. fails. 3.5.5 The failure53 KB (8,177 words) - 12:30, 4 October 2021
- AEPD (Spain) - PS/00172/2020 (category Article 6(1) GDPR)defendant, in accordance with the provisions of article 65.4 of the Law Organic 3/2018, of December 5, Protection of Personal Data and guarantee of digital38 KB (6,160 words) - 14:06, 13 December 2023
- aepd.es 28001 – Madrid sedeagpd.gob.es 4/6 The physical image of a person, in accordance with article 4.1 of the GDPR, is data personnel and their protection17 KB (2,461 words) - 13:22, 13 December 2023
- AEPD (Spain) - EXP202202088 (category Article 5(1)(c) GDPR)hereinafter, LPACAP), for the alleged infringement of Article 5.1.c) of the RGPD, typified in Article 83.5 of the RGPD. SIXTH: On 06/27/22 the first brief of22 KB (3,380 words) - 13:02, 13 December 2023
- AEPD (Spain) - PS/00249/2020 (category Article 5(1)(b) GDPR)the presumed infringement of article 5.1 b) of the RGPD, typified in Article 83.5 a) of the RGPD, in relation to Article 72.1 a) of the LOPDGDD. SECOND:20 KB (3,097 words) - 14:22, 13 December 2023
- AEPD (Spain) - PS/00120/2020 (category Article 13 GDPR)to the claimed, by thealleged violation of Article 5.1.c), 5.1 f) and 13 of the RGPD, typified in Article83.5 of the RGPD.FIFTH. On 07/29/20, a Proposal31 KB (4,808 words) - 14:01, 13 December 2023
- UODO (Poland) - ZSOŚS.421.25.2019 (category Article 5(1)(e) GDPR)confidentiality of personal data (Article 5 (1) (f) of Regulation 2016/679) or rules for limiting data storage (Article 5 (1) (e) of Regulation 2016/679)156 KB (25,012 words) - 10:01, 17 November 2023
- AEPD (Spain) - PS/00068/2020 (category Article 6(1) GDPR)violation of the article6.1. of the RGPD, in relation to article 20 e) of the LOPDGDD, typifiedin article 83.5.a) of the aforementioned GDPR.2. TO appoint27 KB (4,106 words) - 13:55, 13 December 2023
- AEPD (Spain) - PS/00219/2019 (category Article 5(1)(d) GDPR)>>) " The violation of article 5.1.d) of the RGPD is typified in article 83.5 of Regulation (EU) 2016/679 in the following terms: "5. Violations of the following37 KB (5,785 words) - 14:11, 13 December 2023
- AEPD (Spain) - PS/00275/2019 (category Article 5(1)(f) GDPR)LPACAP), for the alleged infringement of Article 5.1(f) of the GDPR, as defined in Article 83.5(a) of the GDPR. FOURTH: Having been notified of the above-mentioned21 KB (3,335 words) - 14:25, 13 December 2023
- UODO (Poland) - DKN.5101.25.2020 (category Article 5(1)(f) GDPR)finding an infringement by U. Sp. z o.o. with its registered office in G. Article. 5 sec. 1 lit. f, art. 24 sec. 1, art. 25 sec. 1, art. 32 sec. 1 lit. d,63 KB (10,088 words) - 09:52, 17 November 2023
- AEPD (Spain) - PS/00206/2020 (category Article 6 GDPR)procedure to the claimed, by thealleged infringement of Article 6 of the RGPD, typified in Article 83.5 a) of the RGPDand considered very serious in 72.1.a)20 KB (3,078 words) - 14:10, 13 December 2023
- BVwG - W214 2233132-1/27E (category Article 15 GDPR)2023 standard B-VG Art 133 Paragraph 4 DSG §24 DSG §4 GDPR Art 12 GDPR Art 15 GDPR Art 15 Paragraph 1 litc GDPR Art77 UWG §26b paragraph 1 B-VG Art. 13387 KB (14,194 words) - 10:07, 15 February 2024
- APD/GBA (Belgium) - 140/2022 (category Article 16 GDPR)of his right to rectification, as referred to in Article 16 of the GDPR. 5. Pursuant to Article 12.3 GDPR, the controller must inform the data subject without17 KB (2,477 words) - 08:51, 29 June 2023
- Datatilsynet (Norway) - 20/02191 (category Article 5(1)(f) GDPR)processing special categories of data, cf. Article 32(1)(b) GDPR, Article 32(1)(d), Article 24 and Article 35, cf. Article 5. In May 2019, a municipality reported38 KB (5,967 words) - 11:48, 7 May 2022
- AEPD (Spain) - PS/00227/2020 (category Article 6(1) GDPR)Articles 6 and 13 GDPR? The AEPD decided to impose, for infringement of Article 6 GDPR, a fine of € 10000 and, for infringement of Article 13 GDPR, a fine of46 KB (7,230 words) - 14:20, 13 December 2023
- AEPD (Spain) - PS/00351/2019 (category Article 58(2)(c) GDPR)to as the LPACAP), on the alleged breach of Article 58 (2) GDPR as laid down in Article 83 (5) of the GDPR. SIXTH:At the time of notification of the said17 KB (2,739 words) - 14:31, 13 December 2023
- TS - 1039/2022 (category Article 5(1)(c) GDPR)provided for in Article 18 GDPR. As explained by the Court, Article 18(1) GDPR, in particular in paragraph (d), is linked to Article 21(1) GDPR, which guarantees44 KB (6,561 words) - 14:24, 24 November 2022
- DSB (Austria) - D122.844/0006-DSB/2018 (category Article 12(5) GDPR)coming into force of the GDPR on 25. 5. 2018. Can a controller charge for access to historic account data under Article 15 GDPR? Is GDPR applicable to a case19 KB (2,936 words) - 13:55, 12 May 2023
- AKI (Estonia) - 2.1-3/20/347 (category Article 15(1) GDPR)of the recognition for internal use is 5 + 5 + 5 years. The normal term is 5 years, which can be extended once by 5 years . Ten years may be too short to26 KB (4,193 words) - 10:30, 13 December 2023
- DSB (Austria) - 2020-0.191.240 (category Article 4(1) GDPR)DSGVO), OJ L 119, 4.5.2016 p. 1; Article 16 of the Treaty on the Functioning of the European Union (TFEU), OJ No C 202, 7.6.2016, p. 1; Article 8 of the Charter66 KB (10,546 words) - 13:50, 12 May 2023
- AEPD (Spain) - PS/00315/2020 (category Article 28 GDPR)contemplates in its article 76, entitled “San- corrective measures and actions ”: "1. The sanctions provided for in sections 4, 5 and 6 of article 83 of the Regulation62 KB (10,401 words) - 14:35, 21 November 2023
- AEPD (Spain) - PS/00085/2021 (category Article 6(1)(a) GDPR)A.U., with NIF A80907397, for the alleged violation of article 6.1. GDPR typified in article 83.5.a) of the aforementioned RGPD. 1. APPOINT Mr. D.D.D. as28 KB (4,350 words) - 13:57, 13 December 2023
- Datatilsynet (Denmark) - 2019-431-0018 (category Article 5(1)(b) GDPR)legitimate and explicit purpose. Therefore, it was contrary to Article 5(1)(b) GDPR and Article 6 GDPR. In addition, the DPA found that the controller did not18 KB (2,667 words) - 16:29, 6 December 2023
- AEPD (Spain) - PS/00417/2019 (category Article 83(4) GDPR)stating that it is not included among the assumptions of Article 37 GDPR nor among the ones in Article 34 of the Spanish Law on Personal Data Protection (LOPDGDD)16 KB (2,298 words) - 14:36, 13 December 2023
- GHDHA - C/09/574422 / HA RK 19-368 (category Article 1 GDPR)obligation (Article 4:32 § 1 Wft). Therefore, Article 6(1)(c) GDPR was relevant. However, the Court highlighted that the phrase "at least on" in Article 6(1)43 KB (7,297 words) - 12:26, 4 October 2021
- AEPD (Spain) - PS/00030/2020 (category Article 12 GDPR)sedeagpd.gob.es 4/7 Article 22 section 4 LOPDGDD (LO 3/2018, December 5) provides the following: “The duty of information provided for in article 12 of Regulation19 KB (2,965 words) - 13:49, 13 December 2023
- APD/GBA (Belgium) - 31/2022 (category Article 5(1)(a) GDPR)processing of his personal data would be based 5. 1, a) GDPR, Article 6, Article 12.1 GDPR and Article 14.1 a) GDPR. 67. Moreover, a controller, in this case84 KB (12,933 words) - 16:46, 12 December 2023
- AEPD (Spain) - PS/00268/2020 (category Article 13 GDPR)Policy on their website (Article 13 GDPR) and for the absence of a reject button on the second layer of their Cookie Policy (Article 22(2) LSSI). The claimant17 KB (2,700 words) - 14:23, 13 December 2023
- Datatilsynet (Denmark) - 2019-31-1713 (category Article 23 GDPR)the processing is thus in accordance with Article 5 (1) of the Data Protection Regulation. 1 (c) and Article 5 (1). Paragraph 1 (e), where processing and33 KB (5,177 words) - 16:23, 6 December 2023
- AEPD (Spain) - PS/00266/2019 (category Article 13 GDPR)with the provisions of article 58.2.b) of the RGPD, for the alleged infringement of article 13 of the RGPD, typified in article 83.5.b) of the RGPD SECOND:28 KB (4,459 words) - 14:23, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9524175 (category Article 5(1)(a) GDPR)administrative sanction provided for in Article 83(4) and (5) of the Regulation applicable, pursuant to Articles 58(2)(i) and 83(5) of the Regulation itself as also20 KB (3,133 words) - 15:53, 6 December 2023
- AEPD (Spain) - EXP202100897 (category Article 83(5)(a) GDPR)basis for the processing (Article 21(1) GDPR). Finally, the DPA fined the controller €12,000 for a violation of Article 6(1) GDPR due to the lack of a valid72 KB (11,671 words) - 13:34, 13 December 2023
- DSB (Austria) - D130.073/0008-DSB/2019 (category Article 32 GDPR)process for user registrations, the respondent violated Article 5 GDPR, Article 6 GDPR, and Article 32 GDPR, and § 1 para 1 DSG (the Austrian Data Protection25 KB (3,605 words) - 13:59, 12 May 2023
- CE - 437808 (category Article 83 GDPR)Secondly, under Article 83 of the GDPR: "1. Each supervisory authority shall ensure that administrative fines imposed under this article for violations13 KB (1,928 words) - 09:51, 10 September 2021
- Datatilsynet (Denmark) - 2019-32-0988 (category Article 5(1)(e) GDPR)data in accordance with Article 5 of the Regulation, including in particular the principle of data minimization, cf. Article 5 (1) of the Regulation. 145 KB (7,151 words) - 16:24, 6 December 2023
- AEPD (Spain) - PS/00405/2020 (category Article 6(1)(a) GDPR)complained party, by the alleged infringement of article 6.1.a) of the RGPD, typified in article 83.5 of the GDPR. EIGHTH: The agreement to initiate this sanctioning20 KB (3,047 words) - 14:35, 13 December 2023
- CNIL (France) - SAN-2021-024 (section The material competence of the CNIL and the non-application of the "one-stop shop" mechanism provided for by the GDPR)According to Article 94 of the GDPR "references to the repealed directive must be understood as references to the [GDPR]". 84. Under Article 4, paragraph82 KB (13,428 words) - 17:02, 6 December 2023
- AEPD (Spain) - PS/00324/2020 (category Article 5(1)(f) GDPR)alleged infringement of Article 5(1)(f) GDPR. Does the action of the defendant constitute a violation of Article 5(1)(f) GDPR? Considering the evidence25 KB (3,670 words) - 14:28, 13 December 2023
- AEPD (Spain) - PS/00055/2020 (category Article 5(1)(c) GDPR)procedure to the claimed, by thealleged violation of Article 5.1.c) of the RGPD, typified in Article 83.5 of theRGPD.FIFTH: On 07/10/20 this Agency receives13 KB (1,964 words) - 13:52, 13 December 2023
- UODO (Poland) - DKN.5131.31.2021 (category Article 5(1)(a) GDPR)controller violated Article 33(1) GDPR by failing to inform the DPA of the data breach. Second, the DPA held that the controller violated Article 28(1), (3) and105 KB (17,237 words) - 09:22, 10 May 2023
- [The equivalent GDPR Article to Article 48(3)(a) EU GDPR is Article 46(3)(a) GDPR, and Article 50(1)(d) EU GDPR is Article 49(1)(d) GDPR.] Share blogs or73 KB (9,347 words) - 13:28, 26 July 2023
- AEPD (Spain) - PS/00155/2021 (category Article 83(5)(e) GDPR)sanction Vodafone in accordance with Article 83(5)(e) GDPR, for the non-compliance with an order pursuant to Article 58(1) GDPR. For this infringement, the AEPD20 KB (2,992 words) - 13:30, 13 December 2023
- AEPD (Spain) - PS/00070/2020 (category Article 5(1)(a) GDPR)publication of the judgment breach the GDPR? The AEPD held that the respondent’s actions violated the GDPR Article 5(1)(a) requirement that processing must43 KB (7,001 words) - 13:56, 13 December 2023
- AZOP (Croatia) - Decision 29-06-2022 (bank) (category Article 5 GDPR)the principles of lawfulness and fairness of Article 5 GDPR and without a legal basis under Article 6 GDPR. A bank (the controller) organized prize games20 KB (3,166 words) - 15:36, 30 October 2023
- AEPD (Spain) - PS/00190/2020 (category Article 5(1)(f) GDPR)violation of article 5.1.f) of the RGPD, typified in article 83.5 of the GDPR. C / Jorge Juan, 6 www.aepd.es 28001 - Madrid sedeagpd.gob.es 2/5 FOURTH: On14 KB (2,143 words) - 14:09, 13 December 2023
- APD/GBA (Belgium) - 141/2021 (category Article 38(6) GDPR)order that there is no violation of articles 5.1(c), 5.1(d), 5.1(e) and 5.1(f). Articles 5.1(c), (d) and (f), 5.2, 12, 16, 24, 25, 30.1, 31, 32, 38.3 and90 KB (14,937 words) - 12:35, 3 August 2022
- AEPD (Spain) - PS/00006/2022 (category Article 12 GDPR)violation of the Article 12 of the GDPR, in conjunction with Article 17 of the GDPR. V Classification of the infringement of article 12 of the GDPR The aforementioned54 KB (8,870 words) - 10:43, 13 December 2023
- AEPD (Spain) - TD/00109/2020 (category Article 15 GDPR)prejudice to Articles 12(5) and 15(3) of the EU Regulation 2016/679 and in Article 13(3) and (4) of this Organic Law". FIFTH: Article 15 of the RGPD provides19 KB (3,100 words) - 14:50, 13 December 2023
- Gerechtshof Amsterdam - C/13/640898/HARK17-386 (category Article 6(1)(c) GDPR)proportionality within the meaning of Article 5.2.1(c) of the Protocol. In view of the considerations set out in point 3.4 above, high requirements must be26 KB (4,225 words) - 16:00, 15 March 2022
- Norway, and not the GDPR. The DPA does, however, refer to corresponding Articles in the GDPR: Articles 5(1)(b) and (c), as well as Article 17. Share blogs43 KB (6,983 words) - 09:09, 21 August 2022
- AEPD (Spain) - PS/00247/2019 (category Article 32(4) GDPR)employee of the entity - infringes Article 32. 2 and 32.4 of the RGPD, an infringement punishable under Article 83.4.a of the GDPR. Assessing the circumstances39 KB (6,720 words) - 14:22, 13 December 2023
- AEPD (Spain) - PS/00303/2020 (category Article 6(1) GDPR)with NIF A80907397, for the alleged violation of article 6.1. of the RGPD typified in article 83.5.a) of the aforementioned RGPD. C / Jorge Juan, 6 www29 KB (4,480 words) - 14:27, 13 December 2023
- AEPD (Spain) - PS/00385/2020 (category Article 6(1)(a) GDPR)their privacy policy in line with Article 6(1)(a) GDPR within a month. The AEPD also held that URLs 1-4 breached Article 22(2) of the Law 34/2002 (LSSI)55 KB (8,967 words) - 14:33, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9795350 (category Article 5(1)(a) GDPR)required by Article 12 GDPR. The DPA clarified that the right of information and the right of access are distinct. An access request under Article 15 GDPR is not90 KB (14,651 words) - 08:07, 5 September 2022
- AEPD (Spain) - PS/00205/2021 (category Article 6(1) GDPR)constitutes personal data according with Article 4(1) GDPR therefore its processing falls within the scope of GDPR. The DPA also analysed whether the controller28 KB (4,527 words) - 12:35, 13 December 2023
- LG Feldkirch - 57 Cg 30/19b - 15 (category Article 9(1) GDPR)the GDPR, as the data falls under Article 9 GDPR and awarded € 800 in emotional damages. The Austrian Business Code cannot override Article 9 GDPR. There69 KB (11,077 words) - 16:48, 7 March 2022
- AEPD (Spain) - PS/00079/2020 (category Article 83(5)(a) GDPR)of Article 6(1) GDPR? The Spanish DPA held that the documentation in the file provides evidence that G.L.P. Instalaciones 86, S.L violated Article 6(1)20 KB (3,301 words) - 13:57, 13 December 2023
- AEPD (Spain) - PS/00253/2020 (category Article 5(1)(c) GDPR)(hereinafter, LPA- CAP), for the alleged violation of Article 5.1.c) of the RGPD, typified in Article 83.5 of the GDPR. C / Jorge Juan, 6 www.aepd.es 28001 - Madrid22 KB (3,562 words) - 14:22, 13 December 2023
- AN - 578/2021 (category Article 5(1)(d) GDPR)particular, the following: 4. The processing of personal data violating the principles and guarantees established in article 5 of Regulation (EU) 2016/67926 KB (4,277 words) - 09:18, 26 July 2021
- NAIH (Hungary) - NAIH/2020/66/21 (category Article 25(1) GDPR)fine are set out in Article 83 of the General Data Protection Regulation. contained in Article. In the event of a breach of Article 5 of the General Data67 KB (10,492 words) - 10:11, 17 November 2023
- AEPD (Spain) - PS/00059/2020 (category Article 28 GDPR)the definitions of the legal concepts that the RGPD indicates in article 4: Article 4 GDPR. Definitions For the purposes of this Regulation, the following287 KB (48,336 words) - 13:53, 13 December 2023
- NAIH (Hungary) - NAIH/2020/2729/15 (category Article 5(1)(b) GDPR)captures activities of employees without their knowledge compliant with Article 5 GDPR? The DPA concluded that the video surveillance system introduced by58 KB (9,071 words) - 10:12, 17 November 2023
- CNIL (France) - SAN-2022-011 (category Article 12 GDPR)breach of the obligations of Article L. 34-5 of the Postal and Electronic Communications Code 11. According to article L. 34-5 of the CPCE: " Direct prospecting48 KB (7,525 words) - 17:02, 6 December 2023
- AEPD (Spain) - PS/00268/2019 (category Article 13 GDPR)specific enough and did not comply with Article 13 GDPR. Does the lack of precision enough to infrige Article 13 GDPR? The AEPD found that the information28 KB (4,435 words) - 14:23, 13 December 2023
- AEPD (Spain) - TD/00071/2020 (category Article 17 GDPR)6www.aepd.es28001 - Madridsedeagpd.gob.es Page 4 4/7with Article 6, paragraph 1, letter a), or Article 9, paragraph 2, letter a), and this is notbased19 KB (2,948 words) - 14:50, 13 December 2023
- AEPD (Spain) - PS/00502/2020 (category Article 21 GDPR)registered on the Robinson List in breach of Article 48(1)(b) LGT and Article 21 GDPR in conjunction with Article 23(4) LOPDGDD. Avilon Center SL made an voluntary23 KB (3,590 words) - 14:45, 13 December 2023
- Datatilsynet (Denmark) - 2019-41-0028 (category Article 32 GDPR)security . That Krifa - in accordance with Article 5 (1) of the Data Protection Regulation. 2, cf. Article 32 (1) (f), cf. 1 and 2 - has demonstrated that24 KB (3,947 words) - 16:24, 6 December 2023
- AEPD (Spain) - PS/00101/2020 (category Article 6 GDPR)Juan, 6www.aepd.es28001 - Madridsedeagpd.gob.es Page 5 5/5In accordance with the provisions of article 50 of the LOPDGDD, theThis Resolution will be made13 KB (1,871 words) - 13:59, 13 December 2023
- Datatilsynet (Norway) - 21/00045 (redirect from Datatilsynet (Norway) - 21/00045-5) (category Article 15(1) GDPR)assistance of the Norwegian DPA, based on GDPR rights. The DPA denied the request as per Article 55 GDPR, stating that the GDPR does not apply to his situation.12 KB (1,874 words) - 19:04, 5 March 2022
- Datatilsynet (Denmark) - 2020-432-0034 (category Article 5 GDPR)has taken place in accordance with Article 5 (1) of the Data Protection Regulation. Article 32 (1) (f) and Article 35. Below is a more detailed review40 KB (6,369 words) - 16:39, 6 December 2023
- AEPD (Spain) - PS/00135/2021 (category Article 6(1) GDPR)violated Article 6(1)GDPR, for processing personal data without a legal basis. Hence, the AEPD decided to fine Telefónica for the violation of Article 6(1)GDPR30 KB (4,631 words) - 13:00, 13 December 2023
- AEPD (Spain) - PS/00461/2019 (category Article 5(1)(c) GDPR)fine on the defendant and stated he has to comply with Article 5(1)(c) and Article 83(2)(a)(b) GDPR. Share your comments here! Share blogs or news articles15 KB (2,366 words) - 14:41, 13 December 2023
- AEPD (Spain) - PS/00448/2020 (category Article 5(1)(f) GDPR)€150,000 on Xfera Móviles S.A. (defendant) for infringing Article 17, 32, 5(1)(f) GDPR and Article 21 LSSI. The fine was imposed after investigating two complaints45 KB (7,217 words) - 14:40, 13 December 2023
- Datatilsynet (Denmark) - 2020-442-8866 (category Article 4(1) GDPR)paper has been disposed of for shredding. 4.1. Article 32 of the Data Protection Regulation Pursuant to Article 32 (1) of the Data Protection Regulation20 KB (3,045 words) - 16:40, 6 December 2023
- AN - SAN 3073/2022 (category Article 5(1)(c) GDPR)the company would have breach the data minimisation principle from Article 5(1)(c) GDPR. With regard to the union's demand to provide a list of the workers'34 KB (5,374 words) - 14:21, 24 November 2022
- AEPD (Spain) - PS/00188/2020 (category Article 5(1)(f) GDPR)violation of Article 5 (1) (f) GDPR? The Spanish DPA held that were clear indications that the defendant infringed Article 5 (1) (f) GDPR, principles relating24 KB (3,907 words) - 14:08, 13 December 2023
- AEPD (Spain) - PS/00235/2019 (category Article 6(1)(a) GDPR)twenty thousand euros), under¬ Article 6.1 (a) and Article 5.1 (a) of the GDPR, under consideration as ‘very serious’, in¬ Article 71 (1) (a) and (b), respectively24 KB (4,074 words) - 14:21, 13 December 2023
- AEPD (Spain) - EXP202105923 (category Article 5(1)(d) GDPR)controller violated Article 5(1)(d) GDPR ("accuracy"), but a more natural conclusion would be to find a violation of Article 32(1)(d) GDPR ("adoption of adequate26 KB (3,846 words) - 12:42, 13 December 2023
- APD/GBA (Belgium) - 55/2021 (category Article 6(1)(e) GDPR)data on the basis of Article 6.1.e GDPR ? - Did the administration sharing confidential data with a third party violates article 25 GDPR ? - Should the administration81 KB (13,211 words) - 16:59, 12 December 2023
- AEPD (Spain) - EXP202208230 (category Article 28(2) GDPR)violation of article 28.2 typified in Article 83.4 a) GDPR. SIXTY THOUSAND EUROS (€60,000) for alleged violation of article 28.3 typified in Article 83.4 a) GDPR45 KB (6,904 words) - 13:12, 13 December 2023
- AEPD (Spain) - PS/00474/2020 (category Article 21 GDPR)data subject has exercised their right to object under Article 21 GDPR. In the same way, Article 48(1)(b) of the Spanish General Telecommunications Act38 KB (5,945 words) - 12:14, 9 June 2021
- AEPD (Spain) - PS/00143/2020 (category Article 5(1)(f) GDPR)breach of Article 5(1)(f) GDPR ("integrity and confidentiality"). Therefore, the Spanish DPA held that there was an infringement of the GDPR. It imposed17 KB (2,578 words) - 14:05, 13 December 2023
- Rb. Gelderland - AWB - 18 3073 (category Article 6 GDPR)Section 49 of the Wbp has been met. 4.1 The next question to be answered is whether the claimant has suffered damage. 4.2 With reference to Section 6:106(1)(b)10 KB (1,424 words) - 12:09, 9 May 2022
- Persónuvernd (Iceland) - 2020061951 (category Article 5(1) GDPR)defined in the first paragraph. Article 4 of the Act, cf. Points 2 and 4 Article 3 of the Act and points 1 and 2. Article 4 of the Regulation. According to44 KB (7,044 words) - 08:42, 13 December 2021
- AEPD (Spain) - PS/00168/2020 (category Article 6(1) GDPR)violation of Article 6(1) GDPR? AEPD considered that the documentation provided offers evidence that Vodafone violated Article 6(1) of the GDPR, by processing22 KB (3,568 words) - 14:06, 13 December 2023
- AEPD (Spain) - PS/00388/2020 (category Article 7 GDPR)regards to a violation of Article 7 GDPR, for gathering consent in a generic way. To fine the controller €3000 for infringing Article 22(2) LSSI, for installing52 KB (8,471 words) - 14:33, 13 December 2023
- AEPD (Spain) - E/03884/2020 (category Article 4(1) GDPR)outside the material scope of the GDPR. Also, with regards to the definition of personal data from Article 4(1) GDPR, the DPA did not reach a firm conclusion56 KB (8,737 words) - 09:35, 26 May 2021
- Garante per la protezione dei dati personali (Italy) - 9283014 (category Article 5(1)(a) GDPR)6 GDPR and art 2-ter and 2-septies of the Italian Privacy Code, and going against the principles of fairness and minimisation set forth by art. 5 GDPR6 KB (437 words) - 15:47, 6 December 2023
- AEPD (Spain) - E/02666/2020 (category Article 14 GDPR)fulfilled the duty of information in accordance with GDPR. The Spanish DPA considered that Article 35 GDPR applies in this case and thus a DPIA is necessary24 KB (3,690 words) - 13:39, 13 December 2023
- LG Bonn - 29 OWi 1/20 (category Article 83(4) GDPR)states that the party concerned violated Article 83(4)(a) GDPR in conjunction with [Article 32(1) GDPR. Article 32 (1) GDPRby failing, at least with gross58 KB (9,577 words) - 08:06, 16 September 2021
- Garante per la protezione dei dati personali (Italy) - 9285411 (category Article 5(1)(a) GDPR)6 GDPR and art 2-ter and 2-septies of the Italian Privacy Code, and going against the principles of fairness and minimisation set forth by art. 5 GDPR6 KB (398 words) - 15:47, 6 December 2023
- Personvernnemnda (Norway) - 2021-13 (20/01874) (category Article 6(1) GDPR)cf. Article 58, paragraph 2, letter i, cf. Article 83. Both infringements of Article 6 and Article 13 may be sanctioned with a fee, cf. Article 85, paragraph48 KB (7,804 words) - 18:49, 5 March 2022
- GHAL - 200.254.914 (category Article 6(1)(f) GDPR)referred to in this article for the processing of personal data in the context of its search function. 4.5 Subsequently, Article 17(1) of the GDPR grants the right20 KB (2,722 words) - 10:04, 14 December 2023
- AEPD (Spain) - TD/00318/2019 (category Article 12 GDPR)considered a violation pursuant to Article 72(1)(m) of the LOPDGDD, which would be sanctioned according to Article 58(2) GDPR. Share your comments here! Share20 KB (2,999 words) - 14:52, 13 December 2023
- Datatilsynet (Norway) - 20/02147 (category Article 5 GDPR)the lack of security routines, thus breaching Article 32(1)(b) cf. Article 5 GDPR, Article 35 and Article 24(1), respectively. Teachers at two junior high24 KB (3,591 words) - 18:57, 5 March 2022
- AEPD (Spain) - PS/00274/2020 (category Article 21 GDPR)Raise Marketing violated the data subject's right to object (Article 21 GDPR and Article 23 LOPDGDD). The DPA fined Raise Marketing €1500 for this violation16 KB (2,544 words) - 14:25, 13 December 2023
- Rb. Amsterdam - 8598127 KK EXPL 20-357 (category Article 5 GDPR)the data could be processed under the legitimate interest basis (ARTICLE 6(1)(f) GDPR). The tribunal weighted the different interests at stake and decided27 KB (4,437 words) - 09:17, 22 August 2020
- Garante per la protezione dei dati personali (Italy) - 9542096 (category Article 83(5) GDPR)a violation of Article 12(3) in relation to Article 15 GDPR. The Garante hence applied an administrative fine as per Article 83(5) GDPR. The amount of21 KB (3,092 words) - 15:54, 6 December 2023
- AEPD (Spain) - PS/00408/2020 (category Article 6(1) GDPR)according to article 4.1 of the RGPD, is data personal protection and their protection, therefore, is the object of said Regulation. Article 4.2 of the RGPD47 KB (7,616 words) - 14:35, 13 December 2023
- AEPD (Spain) - EXP202207270 (category Article 19 GDPR)to the first controller. First, the DPA recalled that according to Article 4(1) GDPR the image of a person constitutes personal data because it reflects26 KB (3,901 words) - 13:19, 13 December 2023
- AEPD (Spain) - PS/00464/2020 (category Article 32(1) GDPR)Member States ”. The violation of article 32 is classified in article 83.4.a) of the cited GDPR in the following terms: "4. Violations of the following provisions29 KB (4,300 words) - 14:41, 13 December 2023
- AEPD (Spain) - PS/00200/2020 (category Article 6(1) GDPR)complaint - infringes Article 6(1) GDPR, by unlawfully processing the complainant's personal data, in relation to Article 5(1)(f) GDPR, which governs the30 KB (4,833 words) - 14:10, 13 December 2023
- AEPD (Spain) - PS/00368/2020 (category Article 21 GDPR)company, Iberdrola Clientes, S.A.U for infringing Article 21 GDPR, Article 48(1)(b) LGT, and Article 23(4) LOPDGDD. The initial proposed fine was €10000 however21 KB (3,137 words) - 14:33, 13 December 2023
- AEPD (Spain) - PS/00010/2020 (category Article 83(5) GDPR)AEPD held that the telecoms company 's actions were a breach of Article 6(1) GDPR. Article 6(1) does not apply here because they failed to prove that they22 KB (3,523 words) - 13:45, 13 December 2023
- RvS - 202000948/1/A3 (category Article 12(6) GDPR)the decision of April 4, 2019 of the board to be well-founded. This decision qualifies for annulment due to violation of article 4: 5, first paragraph, of12 KB (1,870 words) - 12:37, 16 September 2021
- AEPD (Spain) - PS/00416/2019 (category Article 6 GDPR)for an infractionof article 6 of the RGPD, typified in article 83.5.a) and classified as very serious toprescription effects in article 72.1.b) of the LOPDGDD206 KB (32,869 words) - 14:36, 13 December 2023
- AEPD (Spain) - PS/00374/2018 (category Article 5(1)(c) GDPR)controller, in this case the public administration, breached Articles 5(1)(c) and 5(1)(f) GDPR. The AEPD examined a complaint submitted by an anonymous citizen18 KB (2,711 words) - 13:43, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 8205/154/18 (category Article 5 GDPR)is not sufficient. Article 87 GDPR regulates the processing of a national identity number. This is also regulated with Section 29.4 of the National Data12 KB (1,810 words) - 13:07, 3 March 2024
- Datatilsynet (Denmark) - 2018-423-0018 (category Article 5(1) GDPR)responsibility under Article 26 GDPR. Categories of data subjects and categories of personal data Pursuant to Article 30 (I) (1) (c) GDPR, a list must contain21 KB (3,119 words) - 16:22, 6 December 2023
- AZOP (Croatia) - Decision 30-12-2021 (category Article 5(1)(a) GDPR)had a legal basis under Article 6(1) GDPR to publish the data subject’s personal data, and did not violate Article 5(1)(a) GDPR. In the decision, the Croatian16 KB (2,411 words) - 15:44, 30 October 2023
- Garante per la protezione dei dati personali (Italy) - 9446659 (category Article 5(1)(a) GDPR)purpose thus breaching the principles of data minimization under article 5 (1) (c) GDPR. Share your comments here! Share blogs or news articles here! The25 KB (3,911 words) - 15:51, 6 December 2023
- AEPD (Spain) - PS/00379/2019 (category Article 6 GDPR)an alleged violation of article 6 of the GDPR typified as an infringement of basic principles for processing in article 83.5 GDPR. In determining the amount26 KB (4,235 words) - 14:33, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9542071 (category Article 5(1)(a) GDPR)protection of personal data, approved by resolution No. 98 of 4/4/2019, published in G.U. No. 106 of 8/5/2019 and in www.gpdp.it, web doc. No. 9107633 (hereinafter25 KB (3,961 words) - 15:54, 6 December 2023
- AEPD (Spain) - PS/00356/2020 (category Article 6(1) GDPR)pre-contractual; (…) " The offense is typified in Article 83.5 of the RGPD, which considers as such: "5. Violations of the following provisions will be sanctioned26 KB (3,848 words) - 14:31, 13 December 2023
- AEPD (Spain) - PS/00408/2019 (category Article 58(2) GDPR)es Page 4 4/5IIIThis infraction is typified in article 83.5.e) of the RGPD, which considers as such: “ nofacilitate access in breach of article 58, paragraph12 KB (1,812 words) - 14:35, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9445567 (category Article 5(1)(a) GDPR)paragraph 5, of the Code, the notification to the company of the alleged violations of the Regulation found, with reference to Articles 5, par. 1, lett16 KB (2,471 words) - 15:51, 6 December 2023
- AEPD (Spain) - EXP202100282 (category Article 6(1) GDPR)A.U. with NIF A-65559296, for the alleged violation of article 6.1. GDPR typified in article 83.5.a) of the aforementioned RGPD. C / Jorge Juan, 6 www.aepd27 KB (4,108 words) - 13:32, 13 December 2023
- APD/GBA (Belgium) - 05/2021 (category Article 5(1)(f) GDPR)arises from Article 5.2 and Article 24 GDPR where it is up to the defendant to demonstrate that they also acts in accordance with article 5.1. f GDPR namely:60 KB (9,281 words) - 16:50, 12 December 2023
- DSB (Austria) - 2021-0.347.702 (category Article 6(1)(f) GDPR)or by a third party. The court used Article 9(2)(f) GDPR to interpret legitimate interests under Article 6(1)(f) GDPR as including the establishment, exercise25 KB (3,875 words) - 10:36, 11 January 2024
- AEPD (Spain) - PS/00315/2019 (category Article 13 GDPR)information provided was in breach of Article 13 GDPR. Therefore, the authority warned the controller (Article 83(5) GDPR) and requested to complete the notice17 KB (2,633 words) - 14:28, 13 December 2023
- AEPD (Spain) - PS/00008/2020 (category Article 6(1) GDPR)www.aepd.es 28001 - Madrid sedeagpd.gob.es Page 5 5/14 particular (…) ” III The RGPD deals in its article 5 with the principles that must govern the treatment27 KB (4,408 words) - 13:45, 13 December 2023
- HDPA (Greece) - 2/2022 (category Article 5(1)(c) GDPR)National Defense violated the principle of dataminimisation under Article 5(1)(c) GDPR. It reasoned that the Type A Certificate's general purpose is to14 KB (2,093 words) - 17:06, 10 February 2022
- AEPD (Spain) - PS/00214/2022 (category Article 6(1) GDPR)provisions of article 9 of the GDPR, which implies the commission of an infringement classified in section 5.a) of the Article 83 of the GDPR. Article 83.5.a) of131 KB (20,916 words) - 12:38, 13 December 2023
- CNIL (France) - SAN-2022-022 (category Article 12(3) GDPR)requests for information according to Article 15(1) GDPR. The ‘Business secrecy’ exception only applied to Article 15(4) GDPR, where a data subject would request59 KB (9,623 words) - 17:03, 6 December 2023
- AEPD (Spain) - PS/00024/2019 (category Article 5(1)(f) GDPR)the principle of confidentiality, namely Article 5(1)(f) GDPR, and thus, it did not comply with Article 5(2) GDPR referred as the principle of "proactive53 KB (8,593 words) - 13:47, 13 December 2023
- AEPD (Spain) - PS/00132/2020 (category Article 83(5) GDPR)Procedure"), LPACAP), for the alleged violation of Article 6.1 of the GRPD, as defined in Article 83.5 of the RGPD. FOURTH: Once the above-mentioned agreement24 KB (3,939 words) - 14:03, 13 December 2023
- Court of Appeal of Brussels - 2022/AR/292 (category Article 5(1)(f) GDPR)companies that use the TC-string? (Article 4(1) GDPR) 2) a) Is IAB a (joint) controller (Article 4(7) GDPR and Article 24(1) GDPR)? b) Does it matter whether6 KB (675 words) - 09:55, 14 December 2023
- Garante per la protezione dei dati personali (Italy) - 9356568 (category Article 36(5) GDPR)measures aimed at strengthening the security of the processing. Under Article 36(5) GDPR, the Italian Ministry of Health has submitted the Data Protection71 KB (11,426 words) - 15:49, 6 December 2023
- AEPD (Spain) - PS/00274/2019 (category Article 5(1)(f) GDPR)violation of thearticle 5.1.f), in relation to article 6.1 of the RGPD.The violation of article 5.1.f) of the RGPD is typified in article 83.5.a)of the RGPD. The37 KB (5,700 words) - 14:24, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9861827 (category Article 5(1)(a) GDPR)violated Article 12 GDPR, as it did not facilitate the data subject´s exercise of their rights, especially the right to erasure under Article 17 GDPR. In view87 KB (14,525 words) - 15:45, 6 December 2023
- AEPD (Spain) - EXP202200367 (category Article 5(1)(a) GDPR)was complete and in accordance with the transparency principle of Article 5(1)(a) GDPR. In conclusion, the DPA held that no violation had occurred in the57 KB (8,117 words) - 10:35, 13 December 2023
- AEPD (Spain) - PS/00090/2020 (category Article 83(5)(e) GDPR)gob.es 4/9 This infraction is typified in Article 83.5.e) of the RGPD, which considers such as: 'failure to provide access in breach of Article 58(1)'16 KB (2,462 words) - 13:58, 13 December 2023
- AEPD (Spain) - PS/00405/2019 (category Article 6(1) GDPR)significant (Article 83(2)(b) GDPR). - basic personal identifiers were affected (name, identification number, the line identifier) (Article 83(2)(g) GDPR). The24 KB (3,887 words) - 14:34, 13 December 2023
- APD/GBA (Belgium) - 28/2020 (category Article 6(1)(f) GDPR)erased and thus also violates Article 17.1(c) AVG. 3.2. With regard to the infringement of Article 6.1 and Article 21.4 of the AVG 29. In its statement27 KB (4,363 words) - 16:56, 12 December 2023
- IMY (Sweden) - DI-2019-9457 (category Article 32(1) GDPR)show that the basics the principles of Article 5 of the Data Protection Regulation are complied with (Article 5 (2) of the Regulation). The person responsible43 KB (4,600 words) - 17:08, 23 March 2022
- accordance with Article 38.3 of the AVG 5. On 5 October 2021, the Disputes Chamber decided on the basis of article 95, §1, 1°and article 98 of the CPC that206 KB (30,485 words) - 09:54, 14 December 2023
- APD/GBA (Belgium) - 63/2020 (category Article 12(4) GDPR)en hij deze zaak niet wenst verder te zetten. 2. Rechtsgrond Artikel 12.4 AVG 4. Wanneer de verwerkingsverantwoordelijke geen gevolg geeft aan het verzoek20 KB (2,982 words) - 17:00, 12 December 2023
- AEPD (Spain) - EXP202203914 (category Article 6(1) GDPR)correspond would be for the infringement of article 6.1 of the GDPR, typified in article 83.5 a) of the GDPR, the sanction that would correspond would be37 KB (5,914 words) - 10:42, 13 December 2023
- AEPD (Spain) - EXP202203923 (category Article 12 GDPR)with the provisions of section 2 of article 56 in relation to section 1 f) of article 57, both of the GDPR; and in article 47 of the LOPDGDD. SECOND: In accordance14 KB (2,139 words) - 10:50, 13 December 2023
- AEPD (Spain) - EXP202204881 (category Article 6(1) GDPR)the LPACAP, for the alleged infringement of Article 6.1 of the GDPR, typified in Article 83.5 of the GDPR. SIXTH: On January 23, 2023, DIGI requests a55 KB (9,017 words) - 10:46, 13 December 2023
- CNIL (France) - SAN-2023-016 (category Article 5(1)(b) GDPR)breached Article 5(1)(b) GDPR. Therefore, the DPA handed down a 'call to order' against the joint controllers for breaching Article 5(1)(b) GDPR, and no27 KB (4,166 words) - 17:06, 6 December 2023
- Datatilsynet (Denmark) - 2019-41-0029 (category Article 5(2) GDPR)complied with the requirements of Article 32 (2) of the Data Protection Regulation. 1 and Article 5 (1). 2, cf. Article 32 (1) (f), cf. 1 and 2. It is clear18 KB (2,699 words) - 16:25, 6 December 2023
- AEPD (Spain) - 0098/2022 (category Article 6(1)(e) GDPR)assessment and an additional DPIA under Article 35 GDPR, in order to guarantee the adherence to the principles of Article 5 GDPR. First, the Spanish DPA stated56 KB (8,102 words) - 13:57, 1 February 2023
- AEPD (Spain) - EXP202105693 (category Article 6(1) GDPR)sections 4, 5 and 6 of the Article 83 of Regulation (EU) 2016/679, as well as those that are contrary to the present organic law”. And in its article 72, it49 KB (7,579 words) - 13:15, 13 December 2023
- AEPD (Spain) - PS/00116/2020 (category Article 13 GDPR)cookies, as per Article 22(2) Spanish Law on Information Society Services (LSSI). This law regulates cookies, connected to Article 13 GDPR. The decision16 KB (2,380 words) - 14:01, 13 December 2023
- AEPD (Spain) - EXP202202898 (category Article 6(1) GDPR)hereinafter, LPACAP), for the alleged infringement of Article 6.1 of the GDPR, typified in Article 83.5 of the GDPR. FIFTH: Notified of the aforementioned start-up34 KB (5,358 words) - 13:16, 13 December 2023
- BVwG (Austria) - W211 2268942-1 (category Article 55(3) GDPR)the complainant for the costs of the appeal (paragraph 5). 3.4.2. According to Article 55 (3) GDPR, the supervisory authorities are not responsible for supervising75 KB (12,118 words) - 15:46, 14 February 2024
- Garante per la protezione dei dati personali (Italy) - 9440000 (category Article 5(1)(c) GDPR)protection of personal data, approved by resolution No 98 of 4/4/2019, published in OJ No 106 of 8/5/2019 and in www.gpdp.it, web doc. No 9107633 (hereinafter24 KB (3,852 words) - 15:50, 6 December 2023
- Personvernnemnda (Norway) - PVN-2023-03 (category Article 55 GDPR)unclear, cf. the preparations for the act, Prop. 56 LS (2017-2018) points 4.4.7 and 4.5.7. The question has not previously been put to the fore, and there is19 KB (2,858 words) - 10:06, 17 November 2023
- AEPD (Spain) - TD/00263/2020 (category Article 13 GDPR)free circulation of these data (hereinafter, GDPR); and in article 47 of the Law Organic 3/2018, of December 5, Protection of Personal Data and guarantee22 KB (3,544 words) - 14:48, 13 December 2023
- AEPD (Spain) - PS/00127/2020 (category Article 13 GDPR)information duty included in Article 13 GDPR. Is this a violation of Article 13 GDPR? The AEPD held that there had been a violation of Article 13. According to the35 KB (5,363 words) - 14:02, 13 December 2023
- that the right to freely request inspection is infringed. 5.3. The argument fails. 5.4. 5.4. [appellant under 1] has also requested compensation for exceeding19 KB (3,135 words) - 12:38, 16 September 2021
- AEPD (Spain) - PS/00054/2021 (category Article 32(1) GDPR)States ”. The violation of article 32 of the RGPD is typified in article 83.4.a) of the aforementioned RGPD in the following terms: "4. Violations of the following27 KB (3,993 words) - 13:52, 13 December 2023
- Rb. Gelderland - AWB 19/2901 (category Article 5 GDPR)whether Article 6 GDPR provides a legal basis for processing credit cards details and whether the processing is compliant with Article 5 GDPR. It also17 KB (2,610 words) - 16:18, 10 March 2022
- HDPA (Greece) - 55/2021 (category Article 33 GDPR)(EU) 2016/679, according to article 58 par. 2 i of the GCP in combination with the article 83 par. 4 and 5 of GKPD and article 39 par. 1 of law 4624/201965 KB (10,533 words) - 10:28, 27 January 2022
- AEPD (Spain) - EXP202105333 (category Article 6(1) GDPR)hereinafter, LPACAP), for the alleged infringement of Article 6.1 of the GDPR, typified in Article 83.5 of the GDPR. SIXTH: On October 13, 2022, DIGI requests the49 KB (7,973 words) - 13:25, 13 December 2023
- Datatilsynet (Denmark) - 2018-7320-0166 (category Article 5(1)(c) GDPR)accordance with Article 12 (2) of the Data Protection Regulation. 6 and Article 5 (2). 1 (c). The Data Inspectorate has hereby emphasized that Article 12 (2) of18 KB (2,773 words) - 16:22, 6 December 2023
- EWHC (UK) - Johnson v Eastlight Community Homes Ltd (category Article 82 GDPR)principles to the GDPR; (b) The effect (if any) of the remaining claims Article 5(1)(f) GDPR (the data security principle), the Article 8 claim and46 KB (7,676 words) - 10:45, 7 December 2021
- NAIH (Hungary) - NAIH/2020/3479 (category Article 5(1)(d) GDPR)suspension. " 5 Pursuant to Article 83 (2), (5) and (7) of the General Data Protection Regulation: “[...] administrative fines in accordance with Article 58 (2)30 KB (4,563 words) - 10:12, 17 November 2023
- AEPD (Spain) - TD/00251/2021 (category Article 15 GDPR)of these data (hereinafter, GDPR); and in article 47 of the LOPDGDD. SECOND: In accordance with the provisions of article 55 of the RGPD, the Agency Spanish20 KB (3,142 words) - 13:31, 13 December 2023
- obligations under Article 6, §2, al. 5 and Article 9 of the Camera Act 1 2. there is a serious indication that article 6, § 2, al. 4 of the aforementioned35 KB (5,303 words) - 17:01, 12 December 2023
- AEPD (Spain) - PS/00381/2019 (category Article 5(1)(f) GDPR)breach of Article 5(1)(f) GDPR. Was the publication of the census copies a breach of the data integrity and confidentiality principle under Article 5(1)(f)22 KB (3,479 words) - 14:33, 13 December 2023
- regarding Article 6(1) GDPR and consent requirements regulated previously to GDPR. The fact that the infringements related to Article 25 GDPR did not include440 KB (73,154 words) - 09:44, 12 May 2021
- AEPD (Spain) - PS/00475/2019 (category Article 17 GDPR)complainant as per Article 17 GDPR, as well as his/her right as a consumer to refuse unsolicited commercial phone calls, as per Article 21 GDPR in connection23 KB (3,481 words) - 14:42, 13 December 2023
- APD/GBA (Belgium) - 36/2021 (category Article 5(1) GDPR)approved appeal of Article 5(1)(a), Article 12(1), Article 13(1) and Article 13(2). The appeal for Article 5(1)(c), Article 6(1) and Article 8 GDPR was not approved62 KB (9,417 words) - 16:57, 12 December 2023
- APD/GBA (Belgium) - 33/2020 (category Article 5 GDPR)by the defendant under Article 6(1) GDPR? Did the controller infringe the data minimisation principle under Article 5(1)(c) GDPR? Did the controller commit39 KB (6,551 words) - 16:56, 12 December 2023
- AEPD (Spain) - PS/00135/2020 (category Article 13 GDPR)obligations of the partners". SECOND: In accordance with article 65.4 of the Organic Law 3/2018, of 5 December, on Personal Data Protection and guarantee of47 KB (7,756 words) - 14:04, 13 December 2023
- AEPD (Spain) - PS/00433/2020 (category Article 58(2)(c) GDPR)aepd.es28001 - Madridsedeagpd.gob.es Page 4 4/11i) impose an administrative fine in accordance with article 83, in addition to or instead ofthe measures23 KB (3,592 words) - 14:40, 13 December 2023
- AZOP (Croatia) - Decision 10-08-2023 (category Article 5 GDPR)this the AZOP held that the controller acted contrary to Article 5(1)(a) GDPR and Article 6 GDPR. Moreover, the AZOP reiterated the fact that the pictures19 KB (2,955 words) - 16:29, 5 December 2023
- AEPD (Spain) - EXP202204515 (category Article 6(1)(a) GDPR)copy of 4 commercial SMS received on 12/10/2021, 12/17/2021 and 03/15/2021. The issuer is identified as YOIGO. SECOND: In accordance with article 65.4 of Organic20 KB (3,159 words) - 13:20, 13 December 2023
- AEPD (Spain) - PS/00324/2019 (category Article 13 GDPR)against the respondent, for the alleged infringement of Article 13 of the RGPD, typified in Article 83.5 of the RGPD. In view of all that has been done, the22 KB (3,480 words) - 14:28, 13 December 2023
- HDPA (Greece) - Opinion 2/2020 (category Article 35(1) GDPR)of Article 6(1)(e) GDPR -public interest and exercise of official authority vested in it, which falls within the exception of Article 9(2)(j) GDPR. It33 KB (5,266 words) - 15:32, 6 December 2023
- identification data of the parties be published directly. 3Ibid. Decision 57/2022 - 4/4 12. In accordance with its dismissal policy, the Disputes Chamber will refer12 KB (1,431 words) - 16:45, 12 December 2023
- AEPD (Spain) - PS/00209/2019 (category Article 57(1) GDPR)powers of investigation conferred on the supervisory authorities in Article 57 (1) of the GDPR.Thus, on 31/10/18, an information injunction was sent to the entity26 KB (4,212 words) - 14:10, 13 December 2023
- decision stated: - Pursuant to Article 100, §1, 9 WOG, to order processing in accordance with with Articles 5.1.f, 5.2, 24 and 32 GDPR, in which in particular24 KB (3,393 words) - 09:25, 10 September 2021
- OLG Frankfurt am Main - 13 U 206/20 (category Article 17(1) GDPR)by the plaintiff pursuant to Article 82(1) GDPR, since there have been violations of Article 6(1)(a) GDPR and Article 34 GDPR. The defendant also breached44 KB (7,334 words) - 09:02, 17 March 2022
- CNIL (France) - SAN-2023-025 (category Article 6(1)(a) GDPR)the data subjects, therefore breaching Article 6 GDPR, as well as Article 5(1)(b) GDPR. Thirdly, Article 30 GDPR stipulates that the controller must keep53 KB (8,418 words) - 11:21, 6 February 2024
- AEPD (Spain) - EXP202103039 (category Article 13 GDPR)pursuant to Article 13 GDPR. In the present case, the controller omitted this obligation. The DPA therefore held that the controller violated Article 13 GDPR22 KB (3,385 words) - 13:35, 13 December 2023
- AZOP (Croatia) - Decision 17-05-2022 (redirect from AZOP (Croatia) - Usž-27/22-4) (category Article 6 GDPR)consent, in line with Article 6(1)(a) GDPR. The Court recalled that Article 31 of the Croatian Law on the Implementation of the GDPR stipulates that the15 KB (2,261 words) - 15:55, 30 October 2023
- DSB (Austria) - D123.768/0004-DSB/2019 (category Article 4(4) GDPR)CFR Art8 para 11 CFR Art11 para 1 ECHR Art10 para 1 GDPR Art4 no 2 GDPR Art4 no 7 GDPR Art85 para 1 GDPR Art85 para 2 Text GZ: DSB-D123.768/0004-DSB/201929 KB (4,637 words) - 13:57, 12 May 2023
- AEPD (Spain) - TD/00182/2019 (category Article 15 GDPR)referred to in Article 15(1) of Regulation (EU) 2016/679 that is not included in the remote access system. 3. For the purposes set out in Article 12(5) of Regulation18 KB (2,922 words) - 14:51, 13 December 2023
- AEPD (Spain) - PS/00232/2020 (category Article 6(1) GDPR)Madrid sedeagpd.gob.es 4/9 punish the complained party for an infraction of article 6.1 of the RGPD, typified in the Article 83. 5) of the RGPD, with a fine29 KB (4,386 words) - 14:20, 13 December 2023
- AEPD (Spain) - TD/00034/2020 (category Article 9(2)(h) GDPR)of articles 12.5 and 15.3 of the Regulation (EU)2016/679 and in the paragraphs 3 and 4 of article 13 of this organic law " FIFTH: Article 17 of the RGPD17 KB (2,730 words) - 14:50, 13 December 2023
- OLG Naumburg - 9 U 6/19 (category Article 9(1) GDPR)Court found that customers’ order data is health data and fall within Article 9(1) GDPR. Amazon does not collect health data stricto sensu but it can draw32 KB (5,236 words) - 16:00, 10 March 2022
- AEPD (Spain) - PS/00332/2020 (category Article 7 GDPR)The Spanish DPA (AEPD) fined Borjamotor, S.A. for infringing Article 7 GDPR and Article Article 21(1) of the Spanish Law on Information Society Services (LSSI)45 KB (6,853 words) - 14:29, 13 December 2023
- AEPD (Spain) - PS/00254/2019 (category Article 4(12) GDPR)infringement of Article 32.1 of the GDPR typified as a serious infringement in Article 73 f) of the LOPDGDD and in Article 83.4 of the GDPR. For its part39 KB (6,341 words) - 14:23, 13 December 2023
- CNIL (France) - MED-2019-027 (category Article 24(1) GDPR)Criminal Procedure, in particular Article 9 thereof; Having regard to the Highway Code, in particular Article L. 130-9, paragraph 4 thereof; Having regard to Law21 KB (3,274 words) - 17:08, 6 December 2023
- AEPD (Spain) - EXP202202889 (category Article 12 GDPR)with the provisions of section 2 of article 56 in relation to section 1 f) of article 57, both of the GDPR; and in article 47 of the LOPDGDD. SECOND: In accordance20 KB (3,077 words) - 10:46, 13 December 2023
- NAIH (Hungary) - NAIH/2020/1154/9 (category Article 6(1)(f) GDPR)the general data protectionArticle 5 (1) (a), Article 5 (2), Article 12 (1) and (4) ofArticle 14, Article 15 and Article 21 (4).1.3. The Authority condemns192 KB (30,170 words) - 10:11, 17 November 2023
- Tietosuojavaltuutetun toimisto (Finland) - 8235/154/18 (category Article 5(1)(c) GDPR)accordance with Article 5 (1) (c) of the General Data Protection Regulation; and (3) whether the controller should be ordered in accordance with Article 58 (2)28 KB (4,501 words) - 13:07, 3 March 2024
- AKI (Estonia) - 2.1.-1/22/1396 (category Article 5 GDPR)protection principles in Article 5 GDPR. This includes notifying the data subjects about processing in accordance with Articles 12 and 13 GDPR. The DPA held that34 KB (5,305 words) - 08:40, 29 June 2023
- AEPD (Spain) - EXP202104530 (category Article 28 GDPR)www.aepd.es 28001 – Madrid sedeagpd.gob.es 4/4 in accordance with the provisions of article 25 and paragraph 5 of the provision additional fourth of Law12 KB (1,685 words) - 12:41, 13 December 2023
- Datatilsynet (Norway) - 20/01949 (category Article 5 GDPR)transparency, cf. Article 5(1)(a), and accuracy, cf. Article (5)(1)(d), they hadn't recorded the processing activity as required in Article 30, hadn't conducted49 KB (7,572 words) - 16:14, 6 December 2023
- Council of State - 251.378 (category Article 28(1) GDPR)ruling and the GDPR; breach of Article 28 GDPR (the choice of a the processor does not provide sufficient guarantees); breach of Article 32 GDPR (lack of appropriate40 KB (6,324 words) - 15:34, 1 September 2021
- CNIL (France) - SAN-2020-013 (category Article 6 GDPR)derogant rule, based on the interpretation of Article 95 GDPR in the line of the Rec (173) GDPR and Article 1(2) and 15a of the ePrivacy Directive. The CNIL82 KB (13,424 words) - 17:10, 6 December 2023
- ICO (UK) - Enforcement Notice and Warning Letter - Home Office (category Article 5(2) GDPR)accountability pursuant to Article 5(2) UK GDPR because it failed to demonstrate compliance with Article 5(1)(a) and (c) UK GDPR principles of lawfulness129 KB (17,281 words) - 14:57, 10 April 2024
- AZOP (Croatia) - Decision 05-10-2023 (redirect from AZOP (Croatia) - Decision 5-10-2023) (category Article 5 GDPR)existence of a legal basis from Article 6, paragraph 1, and in connection with this, Article 9, paragraph 2 of the GDPR; 4. The data controller did not inform13 KB (1,934 words) - 20:55, 1 November 2023
- AEPD (Spain) - PS/00234/2020 (category Article 7 GDPR)AEPD concluded that the defendant could have breached Article 13 GDPR, Article 7 GDPR and Article 22(2) LSSI: there was no identification of the data controller47 KB (7,368 words) - 14:21, 13 December 2023
- AEPD (Spain) - E/03624/2021 (category Article 5(1)(a) GDPR) (section DPA mutual assistance under Article 61 GDPR)the principle of transparency established in Article 5(1)(a) GDPR and further developed in Article 12 GDPR, and that the data subject was duly provided58 KB (8,665 words) - 16:10, 1 February 2022
- AEPD (Spain) - TD/00262/2019 (category Article 17 GDPR)articles 12.5 and 15.3 of the Regulation (UE)2016/679 and in the paragraphs 3 and 4 of article 13 of this organic law "FIFTH: The article 17 of the RGPD17 KB (2,751 words) - 14:51, 13 December 2023
- CE - N° 428451 (category Article 6 GDPR)consultation in its visas is also ineffective. 4. Secondly, if, under the terms of a) of 4 ° of I of article 11 of the law of 6 January 1978 relating to data35 KB (5,153 words) - 16:29, 20 May 2021
- AEPD (Spain) - PS/00149/2020 (category Article 6 GDPR)unsolicited commercial emails without a legal basis, connected to Article 6 of the GDPR—, as the defendant agreed to an early and guilty voluntary payment19 KB (2,795 words) - 14:06, 13 December 2023
- OLG Linz - 6R49/19x (category Article 4(2) GDPR)protection, the DSGVO had come into force during the proceedings. Pursuant to Article 69 (4) of the DSG, proceedings pending before the ordinary courts under the33 KB (5,113 words) - 09:50, 14 December 2023
- CNIL (France) - SAN-2023-018 (category Article 31 GDPR)municipality €5,000 for failing to designate a DPO and to cooperate with the DPA, therefore violating Article 31 GDPR and Article 37(1)(a) GDPR. On 2 June22 KB (3,384 words) - 13:25, 24 January 2024
- Datatilsynet (Denmark) - 2019-441-3399 (category Article 32 GDPR)identification of natural persons. It follows from Article 12 (1) GDPR that, without prejudice to Article 11, if there is reasonable doubt as to the identity27 KB (4,231 words) - 16:38, 6 December 2023
- Datatilsynet (Norway)- 20/02254 (category Article 57(1)(a) GDPR)2-7 b, which implement Article 5 (3) of the Communication Protection Directive, are lex specialis for the Privacy Regulation. Article 95 of the Privacy Regulation24 KB (3,498 words) - 16:14, 6 December 2023
- Court of Appeal of Brussels - 2020/AR/1111 (category Article 3(1) GDPR)ofcontroller (article 4.7 of the GDPR), the scope of the GDPR (article3.1 of the GDPR), the right to erasure (article 17 of the GDPR) and its powers (article 58.2of37 KB (5,919 words) - 08:54, 20 August 2021
- Court of Appeal of Brussels - 2021/AR/74 (category Article 6 GDPR)fourth applicant, 5.FUNDACJA PANOPTYKON c/o. foundation under Polish law, with company number0000327613, with seat to onion. Orzechowska 4/4, 02-068 Warsaw5 KB (518 words) - 15:08, 9 August 2022
- AEPD (Spain) - PS/00247/2020 (category Article 7 GDPR)L. for the infringement of Article 13 GDPR (data privacy policy) and a warning penalty for the infringement of Article 7 GDPR regarding the collection of24 KB (3,893 words) - 14:22, 13 December 2023
- AEPD (Spain) - PS/00005/2020 (category Article 5(1)(c) GDPR)against the defendant, for the alleged infringement of Article 5.1.c) of the RGPD, typified in Article 83.5 of the RGPD. FOURTH: On 06/02/20, this Agency received13 KB (1,795 words) - 13:47, 13 December 2023
- BVwG - W101 2132183-1 and W101 2132039-1 (category Article 4(1) GDPR) (section Use of online tools to provide access in line with Article 12 GDPR)personal data and information under Article 15 GDPR in his Google account, Google has not violated Article 15 GDPR concerning this data/information. As107 KB (17,615 words) - 09:42, 10 September 2021
- AEPD (Spain) - TD/00248/2020 (category Article 12 GDPR)free circulation of these data (hereinafter, GDPR); and in article 47 of the Law Organic 3/2018, of December 5, Protection of Personal Data and guarantee25 KB (3,972 words) - 14:47, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9538748 (category Article 5(1)(f) GDPR)pursuant to Article 58, paragraph 2, of the Regulation, with this measure. Pursuant to Article 78 of the Regulation, Article 152 of the Code and Article 10 of24 KB (3,672 words) - 15:54, 6 December 2023
- AEPD (Spain) - PS/00425/2019 (category Article 5(1)(f) GDPR)of an infringement of Article 5 (1) (f) of the GDPR under (74345679) (f) of the GDPR, as set out in Article 83 (5) (a) of the GDPR. SECOND: To notify this14 KB (2,140 words) - 14:39, 13 December 2023
- AEPD (Spain) - PS/00062/2020 (category Article 13 GDPR)B02547164, for an infringement of article 13 of the RGPD, typified in article 83.5 GDPR, a fine of FIVE THOUSAND EUROS (€ 5,000.00). SECOND: NOTIFY this resolution44 KB (7,162 words) - 13:53, 13 December 2023
- GHSHE (Netherlands) - 200.274.447 01 (category Article 5 GDPR)pay to [the employee] compensation/amount, pursuant to Article 7:683(4) in conjunction with Article 7:682(6) of the Dutch Civil Code, equal to the gross60 KB (10,118 words) - 15:12, 5 October 2021
- AEPD (Spain) - EXP202203996 (category Article 15 GDPR)circulation of these data (hereinafter GDPR); and in article 47 of the LOPDGDD. SECOND: In accordance with the provisions of article 55 of the RGPD, the Agency Spanish26 KB (4,017 words) - 12:37, 13 December 2023
- OGH - 9Ob38/19g (category Article 4(11) GDPR)meaning of § 6 para 1 no. 5 KSchG (Eccher in Fenyves/Kerschner/Vonkilch, Klang3 § 6 para 1 no. 5 KSchG Rz 5 f; Kathrein/Schoditsch in KBB5 § 6 KSchG Rz 11 [aE];200 KB (33,233 words) - 09:49, 14 December 2023
- AEPD (Spain) - PS/00179/2020 (category Article 32(1) GDPR)as established in article 5 of the GDPR. The security of personal data is regulated in articles 32, 33 and 34 of the GDPR. III The GDPR defines personal100 KB (16,401 words) - 14:07, 13 December 2023
- AEPD (Spain) - TD/00085/2020 (category Article 12 GDPR)set out in Article 15(1) of Regulation (EU) 2016/679 which are not be included in the remote access system. 3. For the purposes of Article 12(5) of Regulation17 KB (2,654 words) - 14:50, 13 December 2023
- CNIL (France) - SAN-2020-008 (category Article 5(1)(e) GDPR)violation of Article 12 GDPR ? Are the following practices an infringement on data subjects' information right as described in Article 12 GDPR ? Spreading104 KB (16,646 words) - 17:09, 6 December 2023
- AEPD (Spain) - PS/00299/2019 (category Article 7 GDPR)(thirty thousand euros), for violation of article 22.2) of the LawLSSI, typified as “slight” in article 38.4.g) of the aforementioned Law.SECOND: REQUIRING21 KB (3,202 words) - 14:54, 13 December 2023
- Court of Appeal of Brussels - 2020/AR/329 (category Article 57(1)(f) GDPR)he assessment: violation of Article 57.4 AVG (third plea in law from X). X submits that the decision violates Article 57.4 of the AVG where this provision48 KB (7,560 words) - 09:03, 20 August 2021
- AZOP (Croatia) - Decision 18-12-2020 (category Article 5(1)(c) GDPR)this case failed to respect the principle of data minimisation of Article 5(1)(c) GDPR since information about these kinds of grants and how they are calculated21 KB (3,345 words) - 15:24, 30 October 2023
- Persónuvernd - 2020051604 (category Article 4(1) GDPR)a work that is in the public interest, cf. Item 5 Article 9 Act no. 90/2018 and paragraph 3 e. Article 6 Regulation (EU) 2016/679. 3. Conclusion Privacy13 KB (1,930 words) - 09:33, 13 May 2022
- regarding Article 6(1) GDPR and consent requirements regulated previously to GDPR. The fact that the infringements related to Article 25 GDPR did not include457 KB (75,575 words) - 09:36, 12 May 2021
- LG Münster I - ECLI:DE:LGMS:2023:0704.16O238.22.00 (category Article 6(1)(f) GDPR)Art. 4 No. 1 GDPR, is processed and stored here by the defendant as the person responsible in accordance with Art. 4 No. 7 GDPR. According to Art. 4 No.28 KB (4,215 words) - 15:09, 6 December 2023
- AEPD (Spain) - PS/00095/2020 (category Article 5(1)(b) GDPR)by the alleged violation of Article 5.1(f) of the GDPR, Article 5.1(b) of the GDPR, as set out in Article 83.5 of the GDPR. FOURTH: On 10 June 2020, the15 KB (2,317 words) - 13:59, 13 December 2023
- AEPD (Spain) - PS/00406/2020 (category Article 6(1)(f) GDPR)violation of article 6.1. f) of the RGPD, in relation with article 20.1 c) of the LOPDGDD, typified in article 83.5.a) of the cited GDPR That by writing36 KB (5,582 words) - 14:35, 13 December 2023
- Datatilsynet (Denmark) - 2020-432-0037 (category Article 28(3) GDPR)violation of Article 32(1) GDPR due to the scope of the data mishandling and the sensitivity of the subject. Moreover, the Family Court violated Article 28(3)46 KB (7,343 words) - 16:39, 6 December 2023
- AEPD (Spain) - EXP202202183 (category Article 6(1) GDPR)provided for in Article 15 GDPR and Article 13 LOPDGDD was exercised. Secondly, the DPA noted that a valid legal basis under Article 6(1) GDPR is required22 KB (3,432 words) - 12:37, 13 December 2023
- AEPD (Spain) - E/06179/2019 (category Article 32 GDPR)for a possible personal data breach affecting confidentiality, as per Article 32 GDPR. The decision is the consequence of the notification of a possible personal6 KB (386 words) - 13:40, 13 December 2023
- AEPD (Spain) - PS/00410/2019 (category Article 7 GDPR)Jorge Juan, 6www.aepd.es28001 - Madridsedeagpd.gob.es Page 5 5/5set forth in article 25 and section 5 of the fourth additional provision of the Law29/1998,15 KB (2,192 words) - 14:36, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9445550 (category Article 83(5) GDPR)amount of the fine under Article 83(2) GDPR. The data subjects complains about the violation of its right of access (Article 15 GDPR) by the Istituto Nazionale22 KB (3,478 words) - 15:51, 6 December 2023
- OLG Innsbruck - 1 R 182/19b (category Article 82 GDPR)had fulfilled its obligation to provide information pursuant to Article 12(3) and Article 4(7) of the Basic Law (Voriger SuchbegriffDSGVONächster Suchbegriff)54 KB (7,916 words) - 12:06, 9 May 2022
- Datatilsynet (Denmark) - 2019-431-0037 (category Article 28(1) GDPR)publicly available on the Internet. However, it follows from Article 28(1) GDPR and Article 28(3)(f) GDPR that the data processor (in this instance Kombit A/S)18 KB (2,710 words) - 16:34, 6 December 2023
- AEPD (Spain) - PS/00141/2020 (category Article 6(1)(a) GDPR)Judiciales (JAVA). JAVA infringed Article 6(1)(a) GDPR by publishing illegal recordings on its website and also infringed Article 22(2) LSSI due to its cookie26 KB (4,150 words) - 14:05, 13 December 2023
- AEPD (Spain) - TD/00254/2020 (category Article 15 GDPR)free circulation of these data (hereinafter, GDPR); and in article 47 of the Law Organic 3/2018, of December 5, Protection of Personal Data and guarantee25 KB (3,791 words) - 14:47, 13 December 2023
- AP (The Netherlands) - 04.11.2019 (category Article 32 GDPR)companies Menzis and VGZ € 50.000 for insufficient security measures under Article 32 GDPR. Translated summary by the AP (The Netherlands): In 2018, the Authority36 KB (5,914 words) - 17:13, 12 December 2023
- Personvernnemnda (Norway) - 2021-09 & PVN-2021-15 (20/01790) (category Article 5(1)(a) GDPR)of personal data from a surveillance footage, thus breaching Article 5(1)(a) GDPR and Article 6. The complainant argued that the size of the administrative40 KB (6,549 words) - 18:49, 5 March 2022
- AEPD (Spain) - TD/00325/2019 (category Article 12 GDPR)set out in Article 15(1) of Regulation (EU) 2016/679 that is not included in the remote access system.3. For the purposes set out in Article 12(5) of Regulation17 KB (2,691 words) - 14:52, 13 December 2023
- Personvernnemnda (Norway) - PVN-2022-19 (category Article 17(1)(a) GDPR)public interest in accordance with national law. It follows from Article 5(1)(b) GDPR that further processing for archival purposes in the public interest23 KB (3,547 words) - 10:05, 17 November 2023
- AEPD (Spain) - PS/00491/2020 (category Article 6(1) GDPR)violation of Article 13 GDPR and issued a warning to the controller. The AEPD took into account the following aggravating factors (Article 83 (2) GDPR) to determine19 KB (2,957 words) - 14:45, 13 December 2023
- AEPD (Spain) - EXP202202837 (category Article 6(1) GDPR)(Considering 40 GDPR), Article 6.1 of the GDPR is therefore applicable and not RD 1720/2007 used by the defendant. Thus, the aforementioned article 6.1 GDPR establishes58 KB (8,995 words) - 13:00, 13 December 2023
- AEPD (Spain) - PS/00269/2019 (category Article 5(1)(f) GDPR)infringement of article 5.1.f), in relation to article 6.1, of the RGPD. The infringement of article 5.1.f) of the RGPD is typified in article 83.5.a) of the30 KB (4,761 words) - 14:24, 13 December 2023
- AEPD (Spain) - PS/00092/2020 (category Article 83(5)(b) GDPR)reprimand to the company for not complying with Article 13 GDPR, since it failed to even mention the GDPR in its Privacy Policy. Share your comments here22 KB (3,514 words) - 13:58, 13 December 2023
- UODO (Poland) - DKE.561.13.2020 (category Article 31 GDPR)Protection, pursuant to Article 83(3) and Article 83(4)(a) and Article 83(5)(e) of Regulation 2016/679, in conjunction with Article 103 of the Personal Data27 KB (4,446 words) - 09:51, 17 November 2023
- AEPD (Spain) - EXP202205791 (category Article 17 GDPR)observations. Firstly, the right to be forgotten can be found in Article 17 GDPR and Article 93 of the LOPDGDD, the Spanish data protection law. It establishes29 KB (4,648 words) - 12:38, 13 December 2023
- AEPD (Spain) - EXP202202937 (category Article 12 GDPR)(hereinafter referred to as GDPR); and in article 47 of the LOPDGDD. SECOND: In accordance with the provisions of article 55 of the RGPD, the Agency Spanish26 KB (3,997 words) - 18:59, 26 February 2024
- IMY (Sweden) - DI-2020-10518 (category Article 12(3) GDPR)Protection Officer, filip.johnssen@klarna.com Page 4 of 5Integritetsskyddsmyndigheten Record number: DI-2020-10518 5 (5) Date: 2021-03-31 How to appeal If you want18 KB (2,003 words) - 15:22, 6 December 2023
- Helsingin hallinto-oikeus (Finland) - H5259/2022 (category Article 6 GDPR)the social and health authority of a city to had breached Article 6 GDPR and Article 10 GDPR by requesting data subjects to provide it with personal data43 KB (6,678 words) - 08:41, 4 March 2024
- OLG München - 3 U 2906/20 (category Article 4(1) GDPR)a claim under Article 15 GDPR entitles the data subject to be provided with copies of their personal data and whether Article 15(3) GDPR contains an independent21 KB (3,450 words) - 10:33, 8 February 2022
- AEPD (Spain) - TD/00054/2020 (category Article 12 GDPR)set out in Article 15(1) of Regulation (EU) 2016/679 which are not be included in the remote access system. 3. For the purposes of Article 12(5) of Regulation22 KB (3,500 words) - 14:50, 13 December 2023
- AEPD (Spain) - EXP202201987 (category Article 15 GDPR)under Article 15 GDPR, in a timely manner as well as in clear and transparent form. Second, the DPA looked at the right to erasure under Article 17 GDPR21 KB (3,290 words) - 10:50, 13 December 2023
- OLG Stuttgart - 9 U 34/21 (category Article 82 GDPR)data breach (Article 32 GDPR). Does the plaintiff have a right to compensation according to Article 82(1) GDPR and does Article 82(3) GDPR stipulate a reversal60 KB (10,254 words) - 11:22, 22 December 2021
- AEPD (Spain) - PS/00386/2019 (category Article 7 GDPR)Juan, 6www.aepd.es28001 - Madridsedeagpd.gob.es Page 4 4/5In accordance with the provisions of article 39.1. c) of the LSSI, minor infractions canwill be16 KB (2,335 words) - 14:33, 13 December 2023
- CNIL (France) - SAN-2022-020 (category Article 5(1)(e) GDPR)obligations arising from Article 5(1)(e) of the GDPR. D. On the breach of the transparency obligation 36. Article 12(1) of the GDPR provides that "the controller59 KB (9,566 words) - 17:03, 6 December 2023
- Personvernnemnda (Norway) - PVN-2022-22 (category Article 9 GDPR)the personal protection regulation article 83 no. 5 that violation of articles 5, 6, 7 and 9 of accordance with article 83 no. 2 shall be imposed an infringement91 KB (14,440 words) - 10:06, 17 November 2023
- AEPD (Spain) - PS/00065/2020 (category Article 13 GDPR)required by Article 13 of the GDPR GDPR. The form used violated Article 13 of the GDPR conduct that is subsumi- ble under Article 83(5) of the GDPR, which provides:61 KB (9,973 words) - 13:55, 13 December 2023
- AEPD (Spain) - PS/00473/2019 (category Article 5 GDPR)chero. C / Jorge Juan, 6 www.aepd.es 28001 - Madrid sedeagpd.gob.es Page 4 4/12 - The person responsible for the File will be responsible for periodically35 KB (5,635 words) - 14:41, 13 December 2023
- AP (The Netherlands) - AWB-21 3909 (category Article 15(1) GDPR)the decision of 5 February 2019. 2.4. On July 1, 2019, the school attendance officer declared the claimant's objection unfounded. 2.5. Plaintiff has appealed19 KB (3,027 words) - 17:13, 12 December 2023
- OLG Koln - 15 U 45/23 (category Article 16 GDPR)database. The request for erasure under Article 17(1) GDPR is not applicable, because under Article 17(3)(e) GDPR, the processing was necessary for the defence26 KB (4,187 words) - 14:46, 8 May 2024
- HDPA (Greece) - 50/2022 (category Article 5(1)(b) GDPR)limitation under Article 5(1)(a) of the GDPR. 1(b) and the obligation (principle) of accountability under Article 5(1)(b). 2 of the GDPR, that is to say19 KB (2,790 words) - 15:32, 6 December 2023
- LAG Baden-Württemberg - Sa 11/18 (category Article 15 GDPR)information pursuant to Article 15 (1) of the GDPR relates to "personal data relating to an individual" pursuant to Article 4 No. 1 of the GDPR. In addition, the18 KB (2,724 words) - 08:24, 14 March 2022
- AEPD (Spain) - PS/00132/2022 (category Article 6(1) GDPR)Ms. A.A.A., herein the data controller, violated Article 6 GDPR and Article 13 GDPR, as well as Article 22.2 LSSI (Spanish national law). The data subject52 KB (8,416 words) - 12:59, 13 December 2023
- AEPD (Spain) - EXP202102778 (category Article 6(1)(f) GDPR)aforementioned infringement of article 6.1 of the GDPR could lead to the commission of the offenses typified in article 83.5 of the GDPR that under the The heading84 KB (13,036 words) - 13:26, 13 December 2023
- AEPD (Spain) - EXP202306257 (category Article 44 GDPR)EDREAMS, S.L. was ordered for a violation of the Article 44 of the GDPR, typified in Article 83.5 of the GDPR, adapt the activity of data processing carried83 KB (12,999 words) - 15:30, 6 March 2024
- Garante per la protezione dei dati personali (Italy) - 9361186 (category Article 5(1)(c) GDPR)protection of personal data, approved by resolution no. 98 of 4/4/2019, published in OJ no. 106 of 8/5/2019, web doc. no. 9107633 (hereinafter "Regulation of31 KB (5,041 words) - 15:49, 6 December 2023
- AKI (Estonia) - 2.1.-1/21/129 (category Article 6 GDPR)reply. The AKI reminded the defendant of its obligation under Article 13 GDPR and Article 14 GDPR to inform the data subject in a concise, clear, comprehensible22 KB (3,237 words) - 12:25, 17 June 2022
- Datatilsynet (Denmark) - 2019-31-2071 (category Article 15(4) GDPR)the right of access under Article 15(4) of the GDPR or section 22 of the DDPA can be invoked. It follows from Article 15 (4), that the right to obtain26 KB (3,820 words) - 16:22, 6 December 2023
- relation to contraventions of the UK-GDPR, section 168 DPA 2018 provides that "non-material damage" in Article 82 GDPR includes distress. In relation to breaches61 KB (8,986 words) - 08:40, 22 February 2022
- AEPD (Spain) - EXP202210237 (category Article 6(1) GDPR)fact that the processing of the controller relied on Article (6)(1)(b) GDPR and Article 6(1)(c) GDPR as legal basis affects the holding of the DPA since32 KB (4,780 words) - 10:44, 13 December 2023
- AEPD (Spain) - PS/00034/2020 (category Article 5(1)(f) GDPR)***NIF.1, for an infringement of Article 5.1.f) of the RGPD, typified in Article 83.5 of the RGPD, in relation to Article 72(1)(a) a fine of EUR 10 000 (TEN18 KB (2,727 words) - 13:50, 13 December 2023
- AEPD (Spain) - PS/00036/2020 (category Article 13 GDPR)based comply with Article 13 of the GDPR? The Spanish DPA found that the facts constituted an infringement for violation of Article 13 of the RGPD, and16 KB (2,587 words) - 13:50, 13 December 2023
- AEPD (Spain) - PS/00025/2019 (category Article 6(1) GDPR)provisions of article 9.5 of the RealDecree-Law 5/2018, the acceptance agreement for processing of this is signedclaim.Under the protection of article 11 of Royal88 KB (14,301 words) - 13:48, 13 December 2023
- Garante per la protezione dei dati personali (Italy) - 9524194 (category Article 58(2)(f) GDPR)the criminal sanction referred to in Article 170 of the Code and the administrative fine provided for in Article 83(5)(e) of the Regulation shall apply;9 KB (1,280 words) - 15:53, 6 December 2023
- AEPD (Spain) - PS/00415/2019 (category Article 6(1) GDPR)referred to as LPACAP), for the alleged infringement of Article 6.1 of the RGPD, as defined in Article 83.5 of the RGPD. FOURTH: Upon notification of the aforementioned22 KB (3,521 words) - 14:36, 13 December 2023
- AEPD (Spain) - EXP202200999 (category Article 6(1) GDPR)processing is based on consent under Article 6(1)(a) GDPR, the consent must meet the requirements of, among others, Article 7 GDPR. The DPA observed deficiencies51 KB (7,867 words) - 13:10, 13 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 2984/182/2019 (category Article 5(1)(c) GDPR)complied with the principle of data minimization as per Article 5 (1) (c) and Article 25 (2) GDPR? The Finnish DPA held that the controller has not complied17 KB (2,614 words) - 13:05, 3 March 2024
- NAIH (Hungary) - NAIH/2020/6484 (category Article 15(1)(a) GDPR)the general rule of Article 15 (1) (a), c) and d) of the GDPR by not giving substantive, specific answers to the request under Article 15 and by sharing27 KB (4,159 words) - 10:13, 17 November 2023
- AEPD (Spain) - TD/00044/2021 (category Article 17 GDPR)of these data (hereinafter, GDPR); and in article 47 of the LOPDGDD. SECOND: In accordance with the provisions of article 55 of the RGPD, the Agency Spanish22 KB (3,465 words) - 13:30, 13 December 2023
- Korkein hallinto-oikeus (Finland) - KHO:2024:34 (category Article 17(1) GDPR)Regulation) Article 1, paragraph 2, Article 5, Article 6, paragraph 1, subparagraph f, Article 17(1)(a), (c) and (d), Article 17(3)(a), Article 21(1) Judgments60 KB (9,713 words) - 13:07, 26 March 2024
- DSB (Austria) - 2021-0.024.862 (category Article 6(1)(f) GDPR)minimization (Art 5 Para 1 lit c GDPR) and Storage limitation (Art 5 Para 1 lit e GDPR). [...] The pursued legitimate interests (if Art 6 para 1 lit f GDPR as Legal38 KB (5,821 words) - 13:39, 12 May 2023
- Commissioner (Cyprus) - 11.17.001.009.232 (category Article 12(3) GDPR)breaching Article 12(3) GDPR, since it failed to notify the data subject that her erasure request was satisfied, as well as Article 24(1) GDPR, given that17 KB (2,515 words) - 11:17, 6 February 2024
- AEPD (Spain) - EXP202103878 (category Article 6(1) GDPR)Articles 57(1) and 58(2) GDPR for the processing of personal data without the consent of the data subject, as foreseen in Article 6 GDPR. Firstly, the DPA found20 KB (3,035 words) - 10:33, 13 December 2023
- HDPA (Greece) - 20/2021 (category Article 17(1) GDPR)five thousand euros (5,000.00) euros, for the above violations of article 17 in combination with article 21 par. 3 of the GCP and article 25 par. 1 of the20 KB (2,936 words) - 14:58, 22 November 2021
- Rb. Rotterdam - ROT 19/1393 (category Article 17(1) GDPR)information to be retained by the defendant any longer. 4. Pursuant to Article 17 (1) of the GDPR , a data subject has the right to obtain erasure of personal9 KB (1,203 words) - 16:30, 10 March 2022
- Datatilsynet (Denmark) - 2019-812-0035 (category Article 15 GDPR)the complainant's name would be an excessive burden according to Article 12 (5) GDPR. The prison officer then complained before the DPA about the Prison35 KB (5,628 words) - 16:38, 6 December 2023
- UODO (Poland) - DKN.5112.7.2020 (category Article 5(1)(a) GDPR)Justification . Pursuant to Article 78 paragraph 1, Article 79 paragraph 1 point 1 and Article 84 paragraph 1 point 1-4 of the Act of 10 May 2018 on the29 KB (4,687 words) - 09:56, 17 November 2023
- Tietosuojavaltuutetun toimisto (Finland) - 4359/163/2018 (category Article 5(1)(e) GDPR)from the Accounting Act, with more detailed reasons for the decision. Article 5 (1) (e) of the General Data Protection Regulation provides for restrictions15 KB (2,249 words) - 13:05, 3 March 2024
- AEPD (Spain) - PS/00317/2020 (category Article 13 GDPR)the lack of a privacy and cookie policy on a website infringe Article 13 GDPR and Article 22(2) LSSI? The AEPD decided to impose a fine to the clinic: €31 KB (4,862 words) - 14:28, 13 December 2023
- AEPD (Spain) - PS/00044/2020 (category Article 13 GDPR)of article Article 24.1, and in relation to the obligations referred to in the previous section, The information obligation provided for in Article 5 of39 KB (6,270 words) - 13:51, 13 December 2023
- 3.2.3. To an objection by the BF according to Art 21 GDPR According to Article 21 Paragraph 1 GDPR, every person concerned has the right to object at any30 KB (4,834 words) - 13:14, 10 November 2021
- APD/GBA (Belgium) - 16/2020 (category Article 5(2) GDPR)with Article 30(1) GDPR, despite employing fewer than 250 persons, because of the risk to the rights and freedoms of the data subject (article 30(5) GDPR)3 KB (316 words) - 16:55, 12 December 2023
- RvS - 201905319/1/A3 (category Article 12(6) GDPR)appeal is brief, it contains a ground as referred to in Article 6: 5, read in conjunction with Article 6:24 of the General Administrative Law Act. The appeal21 KB (3,337 words) - 10:08, 16 December 2020
- APD/GBA (Belgium) - 17/2020 (category Article 12(3) GDPR)way of a finding under article 15 of the GDR instead of the provisions of article 15 of the GDR. 36, § 4 and § 5 as well as Article 38, § 1 of the Law of52 KB (8,603 words) - 16:55, 12 December 2023
- Tietosuojavaltuutetun toimisto (Finland) - 3843/163/20 (category Article 5(1)(a) GDPR)the DPA held that the controller had violated Article 5(1)(a) GDPR, Article 5(1)(c) GDPR, Article 6 GDPR and Section 3 of the Finnish Act on the Protection39 KB (6,038 words) - 17:39, 29 April 2024
- CJEU - C‑479/22 - OC v Commission (category Article 4(1) GDPR)law to the GDPR, both regimes must be read in the same way. Second, identifiability is defined by Article 3(1) 2018/1725 (Article 4(1) GDPR). The use of6 KB (893 words) - 09:33, 19 April 2024
- AEPD (Spain) - PS/00006/2019 (category Article 6(1)(a) GDPR)contravene Articles 13(1), 6(1)(a) and 8 GDPR? The AEPD found that GRUP BC S.L violated Article 13(1), 6(1)(a) and 8 GDPR. Share your comments here! Share blogs27 KB (4,517 words) - 13:44, 13 December 2023
- Datatilsynet (Denmark) - 2019-431-0044 (category Article 5(1)(f) GDPR)personal data did not comply with the rules of Article 5 (1) of the Data Protection Regulation. 1 (f) and Article 32 (1) of the Data Protection Regulation.16 KB (2,399 words) - 16:34, 6 December 2023
- _gid; _ga_DZD8C8RYLW and_ga_G4RJWW5CDC3) as well as targeting cookies (_gat_gtag_UA_40838799_5; ts and _gat_gtag_UA_.30525763_4) were installed. They also52 KB (7,564 words) - 12:41, 13 December 2023
- AEPD (Spain) - EXP202204492 (category Article 6(1) GDPR)provisions of article 58.2.i) of the GDPR, for the alleged infringement of article 6.1 of the GDPR, typified in article 83.5.b) of the GDPR. SECOND: APPOINT26 KB (3,867 words) - 10:44, 13 December 2023
- AEPD (Spain) - PS/00339/2019 (category Article 5(1)(f) GDPR)against the respondent, for the alleged infringement of Article 6 of the RGPD, typified in Article 83.5 of the RGPD. In view of the foregoing, the following18 KB (2,781 words) - 14:30, 13 December 2023
- AEPD (Spain) - PS/00402/2019 (category Article 6 GDPR)second complaint alleging the ongoing violation of Article 6 GDPR. The AEPD finds the violation of Article 6 quite apparent and focuses on the criteria to15 KB (2,327 words) - 14:34, 13 December 2023
- Datatilsynet (Denmark) - 2020-441-4364 (category Article 5(1)(a) GDPR)not complied with Article 32 (1) of the Data Protection Regulation. 1 and 2, Article 33, para. Article 34 (3) (d) 1 and 2, and Article 5, para. 1, letter33 KB (5,347 words) - 16:39, 6 December 2023
- AEPD (Spain) - EXP202202928 (category Article 12 GDPR)with the provisions of section 2 of article 56 in relation to section 1 f) of article 57, both of the GDPR; and in article 47 of the LOPDGDD. SECOND: In accordance14 KB (2,003 words) - 12:37, 13 December 2023
- AEPD (Spain) - TD/00185/2019 (category Article 17 GDPR)***URL. SECOND: Dated May 20, 2019, in accordance with Article 65.4 of the Organic Law 3/2018 of December 5, Protection of Personal Data and Guarantee of Digital17 KB (2,620 words) - 14:51, 13 December 2023
- CNIL (France) - SAN-2021-020 (category Article 28(4) GDPR) (section On the failure to comply with Article 28 GDPR)breach of Article 28 paragraphs 3 and 4 of the GDPR is clear. 2. On the breach of the obligation to ensure data security 49. According to Article 32 of the56 KB (9,069 words) - 17:02, 6 December 2023
- AEPD (Spain) - PS/00293/2019 (category Article 5(1)(c) GDPR)the infringement of the data minimisation principle related, as per Article 5(1)(c) GDPR. The decision is the consequence of a complaint submitted by the3 KB (407 words) - 14:26, 13 December 2023
- VG Regensburg - RN 9 K 19.1061 (category Article 2 GDPR)under Article 77(1) GDPR and subsequently the right of judicial remedy against the supervisory authority under Article 78(1) GDPR. Article 79 (1) GDPR provides94 KB (15,537 words) - 09:09, 25 August 2020
- AEPD (Spain) - E/07449/2019 (category Article 13 GDPR)basis of the processing; 4.5.2016 L 119/40 Official Journal of the European Union EN (d) where the processing is based on Article 6(1)(f), the legitimate11 KB (1,680 words) - 13:41, 13 December 2023
- HDPA (Greece) - 43/2019 (category Article 5(1)(a) GDPR)the GDPR within 1 month starting from the receipt of this decision; c)ordered the company comply with the Article 5(1)(a) GDPR and Article 5(2) GDPR, as5 KB (459 words) - 15:39, 6 December 2023
- CE - N° 430810 (category Article 6(1)(a) GDPR)to in Article 9 of the GDMPR in order to infer that such consent would not be necessary for data not referred to in that Article, since Article 4 of the42 KB (6,800 words) - 09:50, 10 September 2021
- Datatilsynet (Denmark) - 2019-441-1581 (category Article 34 GDPR)persons pursuant to Article 34(1) GDPR. The Danish DPA found that Intervare did not go through with a proper assessment pursuant to Article 34(1), as it had24 KB (3,365 words) - 16:37, 6 December 2023
- Rb. Amsterdam - C/13/696660/HA RK - 21-37 (category Article 79(2) GDPR)been stated nor has it been proven. 3.11. The GDPR also has a jurisdiction regulation. Article 79(2) of the GDPR provides that proceedings against a controller18 KB (2,617 words) - 08:23, 2 September 2021
- AEPD (Spain) - EXP202305050 (category Article 58(1) GDPR)LPACAP), for the alleged infringement of Article 58.1 of the GDPR, typified in the Article 83.5 of the GDPR Regulation (EU) 2016/679 (General Regulation57 KB (9,217 words) - 10:44, 13 December 2023
- authority (cf. Article 36 (2) no. 7 lit. a DPA) for the purposes of military self-protection (cf. Article 36 (1) DPA in conjunction with Article 2 (1) no. 228 KB (3,418 words) - 13:49, 12 May 2023
- RvS - 201901006/1/A2 (category Article 79 GDPR)did not acknowledge that with the introduction of Title 8.4 in the Awb on the basis of Article 8:4, paragraph 1, opening words and under f of the Awb, the34 KB (5,179 words) - 07:10, 7 April 2020
- AEPD (Spain) - EXP202203606 (category Article 17(1)(a) GDPR)free circulation of these data (hereinafter GDPR); and in article 47 of the Law Organic 3/2018, of December 5, on the Protection of Personal Data and guarantee22 KB (3,264 words) - 13:29, 13 December 2023
- AEPD (Spain) - EXP202200436 (category Article 6(1) GDPR)claimed party, for the alleged infringement of Article 6.1 of the RGPD, typified in Article 83.5 of the GDPR. FIFTH: Notification of the aforementioned start-up8 KB (1,143 words) - 13:02, 13 December 2023
- LAG Berlin-Brandenburg - 10 Sa 443/21 (category Article 15 GDPR)meaning of Article 4 No. 7 GDPR. However, the defendant cannot be accused of violating an obligation to provide information under Art. 15, 12 GDPR. Paragraph28 KB (4,527 words) - 15:58, 26 April 2022
- Tietosuojavaltuutetun toimisto (Finland) - 4282/161/21 (category Article 5(1)(f) GDPR)controller had violated Article 5(1)(f) GDPR, Article 17(1) GDPR, Article 25(1) GDPR, Article 32(1) GDPR and Article 32(2) GDPR. As a result, the DPA issued56 KB (8,980 words) - 08:47, 4 March 2024
- UODO (Poland) - DKE.561.3.2020 (category Article 31 GDPR)protected (Article 32, Article 24 (1) and (2) of Regulation 2016/679). Has the Chief Surveyor of the country appointed a data protection officer (Article 37 of51 KB (8,322 words) - 09:51, 17 November 2023
- CNIL (France) - SAN-2024-002 (category Article 5(1)(e) GDPR)purpose constituted a breach of Article 5(1)(e) GDPR. Secondly, the CNIL indicated that the controller breached Article 13 GDPR by failing to include the right56 KB (8,757 words) - 14:12, 28 February 2024
- HDPA (Greece) - 12/2024 (category Article 17 GDPR)accordance with the above article 17 of the GDPR, as it has been interpreted according to the content of the Guidelines 5/2019 of the GDPR, the data subject has37 KB (5,933 words) - 16:53, 19 April 2024