Search results | European Data Protection Board

French SAs list of the kind of processing operations exempt from the requirement for a Data Protection Impact Assessment under Art 35(5) of the General Data Protection Regulation (EU) 2016/679 (GDPR)
12 September 2019
Decision by the SA
… of processing operations exempt from the requirement for a Data Protection Impact Assessment under Art 35(5) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision …
EDPBI:BE:OSS:D:2022:325
2 February 2022
… Article 5 (Principles relating to processing of personal data) Article 6 (Lawfulness of processing) Article 7 … Article 32 (Security of processing) Article 35 (Data protection impact assessment) Article 37 (Designation of the data protection officer) Keywords Advertising E-Commerce Lawfulness of …
EDPBI:DK:OSS:D:2019:69
25 June 2019
… and modalities for the exercise of the rights of the data subject) Article 17 (Right to erasure (‘right to be … Article 5 (Principles relating to processing of personal data) Keywords Data subject rights Right to erasure … 2018-7320-0166 Doc.no. 137612 Caseworker The Danish Data Protection Agency Borgergade 28, 5. 1300 Copenhagen Denmark …
Romanian Supervisory Authority issues two fines each of 23,893 lei (EUR 5,000) against Entirely Shipping & Trading S.R.L.
13 December 2019
News
… of provisions of Articles 12 and 13 of the General Data Protection Regulation (GDPR); the infringement of Article 5 … it provided clear, complete and correct information to the data subjects; fine in the amount of 23893 lei, the …
Polish DPA imposes a Penalty of a Reprimand for the Processing of Students’ Personal Data
2 September 2020
News
… of a Reprimand for the Processing of Students’ Personal Data 2 September 2020 Poland The President of the Personal Data Protection Office (UODO) imposed a penalty of a reprimand …
Finland SAs list of the kind of processing operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR)
15 October 2018
Decision by the SA
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision …
Norway SAs list of the kind of processing operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR)
16 March 2019
Decision by the SA
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision …
Germany SAs' list of the kind of processing operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR)
16 October 2018
Decision by the SA
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision …
Ireland SAs list of the kind of processing operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR)
15 November 2018
Decision by the SA
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the … Guidelines WP 243 rev.01 “Guidelines on Data Protection Officers (‘DPOs’)” • Further information on profiling, …
Polish DPA & ID Finance Poland: Checking potential system vulnerabilities cannot be delayed
13 January 2021
News
… threat and remove it led the company ID Finance Poland to data loss. Therefore, the President of the Personal Data Protection Office (UODO) found that the company had not …
CEF 2024: Launch of coordinated enforcement on the right of access
28 February 2024
Press releases
… 28 February 2024 EDPB Brussels, 28 February - The European Data Protection Board has kicked off its Coordinated Enforcement … 2022, and the designation and position of Data Protection Officers, in 2023 . For further information: AT DPA: …
Czech Republic SAs list of the kind of processing operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR)
8 February 2019
Decision by the SA
… operations which are subject to the requirement for a Data Protection Impact Assessment under Article 35(4) of the General Data Protection Regulation (EU) 2016/679 (GDPR) Decision …
Guidelines 4/2019 on Article 25 Data Protection by Design and by Default
20 October 2020
Guidelines
… Guidelines 4/2019 on Article 25 Data Protection by Design and by Default 20 October 2020 … of processing.  Where the controller has a Data Protection Officer (DPO), the EDPB encourages the active involvement of …
Finnish SA: Fine for a company for carrying out direct marketing with robocalls without consent
6 July 2021
News
… with robocalls without consent 6 July 2021 Finland The Data Protection Ombudsman’s sanctions board has imposed an administrative fine on a magazine publisher due to data protection violations related to direct marketing. The …
Polish SA fines controller EUR 6700 for failure to implement appropriate security measures
16 May 2023
News
… Article 5 (Principles relating to processing of personal data), Article 24 (Responsibility of the controller), Article 25 (Data protection by design and by default), Article 32 (Security …
EDPBI:DEBB:OSS:D:2019:53
2 October 2019
… PL Main legal reference Article 15 (Right of access by the data subject) Article 5 (Principles relating to processing … complainant filed a complaint against ith the Austrian data protection authority ("ÖDSB") regarding the roof of parental … oral request for comment to the company's data protection officer on 15 th January 2019, the was informed that does …
Polish DPA & Virgin Mobile Polska: Incidental safeguards review is not regular testing of technical measures
13 January 2021
News
… 13 January 2021 Poland The President of the Personal Data Protection Office (UODO) imposed a fine of PLN 1.9 million … measures to ensure the security of the processed data. UODO stated that the company infringed the principles …
The Norwegian Supervisory Authority’s fines Lillestrøm Municipal Council
5 May 2022
News
… and fine imposed Key words: special categories of personal data, unauthorised access Summary of the Decision Origin … public access, which they should have been. The executive officer failed to notice this, and the document passed … is a violation of Article 32 (1) (b) of the General Data Protection Regulation, which requires implementation of a …
EDPB adopts statement on European Police Cooperation Code & picks topic for next coordinated action
14 September 2022
News
… associated with the processing of individuals’ personal data in criminal matters, especially where this concerns … which will concern the designation and position of the data protection officer . Further work will now be carried out to specify …
Decision in the matter of Twitter International Company made pursuant to Section 111 of the Data Protection Act 2018
9 December 2020
Decision by the SA
… International Company made pursuant to Section 111 of the Data Protection Act 2018 Decision Type SA Ireland 9 December 2020 … at that point, insofar as the Global Data Protection Officer (‘the DPO’) was not added to the incident “ticket”, …