19 February 2020
… and modalities for the exercise of the rights of the data subject) Article 17 (Right to erasure (‘right to be … to your company regarding a violation of the General Data Protection Regulation (GDPR) when processing personal …
4 November 2022
… Article 5 (Principles relating to processing of personal data) Article 6 (Lawfulness of processing) Article 7 (Conditions for consent) Article 38 (Position of the data protection officer) Keywords Lawfulness of processing Consent Data …
18 December 2019
… 18 December 2019 Germany The Federal Commissioner for Data Protection and Freedom of Information (BfDI) imposed a fine … 37 of the GDPR to appoint an internal data protection officer. When imposing the 10.000 Euro fine, the fact was …
30 June 2021
… Article 13 (Information to be provided where personal data are collected from the data subject) Article 37 (Designation of the data protection officer) Keywords Transparency Right to be informed Data …
6 November 2019
… 6 November 2019 Poland The President of the Personal Data Protection Office imposed an administrative fine of over PLN … the right to withdraw consent to the processing of personal data. The company - ClickQuickNow Sp. z o.o. did not …
7 May 2020
… the complainant had requested the deletion of his personal data. The deletion of data was confirmed to him by e-mail. This e-mail was not … on is not available at Care.com Europe GmbH. Thus, no data protection violation could be determined. Furthermore, it …
25 February 2020
… controller) Article 32 (Security of processing) Keywords Data security Password Right of access Outcome Reprimand … of emails between the CNIL and your company's Data Protection Officer (hereinafter referred to as "DPO") in the context of …
… Guidelines During its first plenary meeting the European Data Protection Board endorsed the GDPR related WP29 Guidelines: … 2016/679, WP248 rev.01 Guidelines on Data Protection Officers ('DPO'), WP243 rev.01 Guidelines for identifying a …
11 February 2021
… its obligations as a controller. According to the Personal Data Protection Office, the controller did not take the necessary … measures in order to ensure the security of personal data contained in the copy of the database of the training …
22 November 2021
… Millennium fined for failure to notify the breach and the data subjects about the incident 22 November 2021 Poland … S.A. Legal Reference: Notification of a personal data breach to the supervisory authority (Article 33(1)), … of the Decision Origin of the case The Personal Data Protection Office (UODO) learnt about the personal data …
3 June 2020
… Article 32 (Security of processing) Keywords Personal data breach Outcome Reprimand Summary 60.4KB Download … … J.No. 2019-441-3337 Doc.no. 167462 Caseworker The Danish Data Protection Agency Borgergade 28, 5. 1300 Copenhagen Denmark …
12 February 2021
… 12 February 2021 Sweden The Swedish Authority for Privacy Protection finds that the Swedish Police Authority has processed personal data in breach of the Swedish Criminal Data Act when using Clearview AI to identify individuals. …
26 July 2019
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision …
9 June 2021
… privacy of sick employees 9 June 2021 Netherlands The Dutch Data Protection Authority (DPA) has imposed a fine of €15,000 on … about such things. That is for the in-house medical officer or the safety, health and welfare services to …
3 January 2024
… 2023 Cross-border case Hungarian National Authority for Data Protection and Freedom of Information (Hungarian Supervisory Authority, SA) and CSAs: Office for Personal Data Protection of the Slovak Republic (Slovak Supervisory …
31 January 2019
… to a) explore the level of compliance with the General Data Protection Regulation (GDPR) -six months after its entry … a sufficient degree, more than 70%, of Data Protection Officers’ designation was noted in the private sector. On …
16 October 2018
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the … scale as set out in the Guidelines for the Data Protection Officer (WP243) and the Impact Assessment (WP248). c. …
5 January 2021
… based in Warsaw, which, as the controller of personal data, did not meet the obligation of cooperation with the … is closely related to obtaining and processing of personal data. The personal data protection regulations and the obligations they impose on …
13 May 2021
… DPA: Dragefossen AS fined 13 May 2021 Norway The Norwegian Data Protection Agency has fined the power company Dragefossen AS … on YouTube and the company’s own website. Up until the Data Protection Authority contacted the company, it was …
12 September 2019
… of processing operations exempt from the requirement for a Data Protection Impact Assessment under Art 35(5) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision …