Skip to main content
European Data Protection Board
en
Bulgarian (bg)
Finnish (fi)
French (fr)
Irish (ga)
Croatian (hr)
Hungarian (hu)
Italian (it)
Spanish (es)
Czech (cs)
Lithuanian (lt)
Danish (da)
Latvian (lv)
German (de)
Maltese (mt)
Dutch (nl)
Estonian (et)
Greek (el)
Polish (pl)
Portuguese (pt-pt)
Romanian (ro)
Slovak (sk)
Slovenian (sl)
Swedish (sv)
Main navigation
Home
About EDPB
About EDPB
Who we are
Our Members
EDPB Secretariat
Strategy & Work Programme
Rules of procedure and Memorandum of Understanding
Internal procedural guidance
Legal Framework
Press Kit
Legal Notices
Data Protection Notice
Cookies
Public access to documents
Copyright
More about the EDPB
Contact us
Career opportunities
Article 29 Working Party
Legal studies by external providers
Publications
Annual reports
One-Stop-Shop case digests
Our Work & Tools
General Guidance
Guidelines, Recommendations, Best Practices
Public Consultations on our guidance
Other guidance and Information notes
Support Cooperation and Enforcement
GDPR Cooperation and Enforcement
Consistency and Cooperation procedures
International Cooperation & Cooperation with Other Authorities
Registers
Final One Stop Shop Decisions
Approved Binding Corporate Rules
Codes of Conduct, amendments and extensions
Decisions taken by supervisory authorities and courts on issues handled in the consistency mechanism
Documents addressed to the European Commission or National Authorities
Opinions
Binding Decisions
GDPR or LED evaluations
Other documents addressed to EU legislator or Member States
EDPB Plenary meetings
Agenda
Plenary Minutes
Other documents
Letters
Internal documents
View all our documents
News
CSC
About CSC
Who we are
Members
CSC Secretariat
CSC Meetings
Work Programme
Legal Framework
Our Work & Tools
Biannual reports
IMI Reports
Search
Search on the EDPB web site:
Home
Our Work & Tools
Final One Stop Shop Decisions
Final One Stop Shop Decisions
EDPBI:DK:OSS:D:2022:368
20 May 2022
LSA
DK
CSA
BE
DE
IE
IT
FI
FR
ES
NO
LT
PT
UK
Main legal reference
Article 12 (Transparent information, communication and modalities for the exercise of the rights of the data subject)
Article 15 (Right of access by the data subject)
Keywords
Right of access
Lawfulness of processing
Processor
E-Commerce
Outcome
No violation
Download
EDPBI:FR:OSS:D:2021:313
28 December 2021
LSA
FR
CSA
IT
NL
ES
ALL DE
Main legal reference
Article 28 (Processor)
Article 32 (Security of processing)
Article 33 (Notification of a personal data breach to the supervisory authority)
Article 34 (Communication of a personal data breach to the data subject)
Keywords
Personal data breach
Data security
Processor
Clients
Publicly available data
Payment data
Outcome
Administrative fine
Summary
Download
EDPBI:FR:OSS:D:2021:306
16 September 2021
LSA
FR
CSA
ES
BE
NL
DE
Main legal reference
Article 5 (Principles relating to processing of personal data)
Article 12 (Transparent information, communication and modalities for the exercise of the rights of the data subject)
Article 13 (Information to be provided where personal data are collected from the data subject)
Article 28 (Processor)
Article 32 (Security of processing)
Keywords
Principles relating to processing of personal data
Purpose limitation
Retention time
Transparency
Right to be informed
Data processing agreement
Processor
Data security
Password
Encryption
E-Commerce
Outcome
Compliance order
Download
EDPBI:FR:OSS:D:2021:202
1 April 2021
LSA
FR
CSA
AT
BE
DE
NL
ES
NO
UK
Main legal reference
Article 5 (Principles relating to processing of personal data)
Article 17 (Right to erasure (‘right to be forgotten’))
Article 28 (Processor)
Article 30 (Records of processing activities)
Article 32 (Security of processing)
Keywords
Retention time
Right to erasure
Processor
Record of processing activities
Data security
Password
Outcome
Compliance order
Download