Search results | European Data Protection Board

Merck & Co., Inc. (MSD)
1 July 2016
… of the Group’s respective regular business activities. Pre-GDPR Yes … Merck & Co., Inc. (MSD) …
Fiserv, Inc. (First Data Corporation)
1 July 2011
… of the Group’s respective regular business activities Pre-GDPR Yes … Fiserv, Inc. (First Data Corporation) …
Fiserv, Inc. (First Data Corporation)
1 July 2011
… of the Group’s respective regular business activities Pre-GDPR Yes … Fiserv, Inc. (First Data Corporation) …
ABN AMRO Group N.V.
1 July 2012
… of the Group’s respective regular business activities Pre-GDPR Yes … ABN AMRO Group N.V. …
Simon-Kucher & Partners
1 July 2015
… of the Group’s respective regular business activities Pre-GDPR Yes … Simon-Kucher & Partners …
ARDIAN(previously known as AXA PRIVATE EQUITY)
1 July 2013
… of the Group’s respective regular business activities. Pre-GDPR Yes … ARDIAN(previously known as AXA PRIVATE EQUITY) …
Marsh and McLennan Companies Inc.
1 July 2017
… of the Group’s respective regular business activities. Pre-GDPR Yes … Marsh and McLennan Companies Inc. …
Marsh and McLennan Companies Inc.
1 July 2017
… of the Group’s respective regular business activities. Pre-GDPR Yes … Marsh and McLennan Companies Inc. …
Polish DPA: A data breach must be notified to the supervisory authority
11 January 2021
News
… not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative … DPA reminds that pursuant to Article 33 (1) and (3) of the GDPR, in the case of a personal data breach, the controller … not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative …
Polish SA: record fine imposed on Fortum Marketing and Sales Polska S.A. for personal data breach
17 March 2022
News
… (Art. 32(1) and Art. 32(2)). Decision: infringement of the GDPR, administrative fine. Key words: responsibility of the … The Polish DPA found that the controller infringed the GDPR provisions i.e. Art. 5(1)(f), Art. 24(1), Art. 25(1), … (Art. 32(1) and Art. 32(2)). Decision: infringement of the GDPR, administrative fine. Key words: responsibility of the …
State Commissioner for Data Protection in Lower Saxony imposes € 10.4 million fine against notebooksbilliger.de
26 January 2021
News
… Lower Saxony under the General Data Protection Regulation (GDPR). The GDPR enables supervisory authorities to impose fines of up … Lower Saxony under the General Data Protection Regulation (GDPR). The GDPR enables supervisory authorities to impose …
Fine imposed for preventing the Supervisory Authority from performing an inspection
3 April 2020
News
… the company infringed the provisions of Article 31 of the GDPR with regard to Article 58(1)(e) and (f) of the GDPR referring to cooperation with the supervisory authority … the company infringed the provisions of Article 31 of the GDPR with regard to Article 58(1)(e) and (f) of the GDPR …
The Norwegian SA issues fine and order company to establish procedures after unlawful credit rating
17 December 2021
News
… Legal basis (Article 6) Decision: Infringement of the GDPR, Order to establish procedures Key words: Credit Rating … Legal basis (Article 6) Decision: Infringement of the GDPR, Order to establish procedures Key words: Credit Rating …
July Plenaries - adopted documents
2 August 2022
News
… Ireland Limited (Meta IE)). In accordance with Art. 65 (5) GDPR, the EDPB will publish its decision on its website … Ireland Limited (Meta IE)). In accordance with Art. 65 (5) GDPR, the EDPB will publish its decision on its website …
Data Protection Code of Conduct for Cloud Infrastructure Service Providers
3 June 2021
Decision by the SA
… France Type Code for Controllers/Processors subject to GDPR Scope Transnational Monitoring Body EY CERTIFYPOINT BV … 2021_cispe_cloud_iaas_data_protection_code_of_conduct_-_gdpr_compliance.pdf 1.4MB Μεταφόρτωση file 1 …
EDPBI:UK:OSS:D:2020:147
16 October 2020
… measures, as required by Article 5(1)(f) and by Article 32 GDPR. The LSA concluded that there are a number of … constitute a serious failure to comply with the GDPR. The LSA decided to impose on the controller an …
Spanish Data Protection Authority (AEPD) imposes fine on company for not complying with advertisement exclusion
18 August 2020
News
… to processing for marketing purposes under Article 21 GDPR. However, the company did not comply with its … to processing for marketing purposes under Article 21 GDPR. However, the company did not comply with its …
Join the stakeholder event on EDPB opinion on ‘AI models’
11 October 2024
News
… on issues relating to the request for an Art. 64(2) GDPR opinion on artificial intelligence ("AI") submitted to … on issues relating to the request for an Art. 64(2) GDPR opinion on artificial intelligence ("AI") submitted to …
Norwegian DPA: Waxing Palace AS fined
28 October 2021
News
… to be in breach of the General Data Protection Regulation (GDPR). The fine amount is based on an overall assessment, … to be in breach of the General Data Protection Regulation (GDPR). The fine amount is based on an overall assessment, …
Polish DPA Fines ENEA S.A.: A data breach must be notified to the supervisory authority
11 January 2021
News
… not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative … DPA reminds that pursuant to Article 33 (1) and (3) of the GDPR, in the case of a personal data breach, the controller … not complied with the obligation under Article 33 of the GDPR. When determining the amount of the administrative …