Filtered (152)
Filters
Search
Type
Country
Categories
Show (152)
Cancel
Commission v EDPS (Case T-262/24)

Data Sharing

2024 Coordinated Enforcement Action Implementation of the right of access by controllers by EDPB

Access Requests (DSAR), Data Subjects Rights

DSB (Austria) – D130.1013 2024-0.743.431 nyob vs Google

Data Controller, Data Subjects Rights, Definitions

Case T-262/24 Commission v EDPS

Data Processing Agreement (DPA), Data Sharing, Records of processing Activities (ROPA)

WhatsApp Data-Sharing Ban in India: Meta Faces $25.4M Fine

Data Sharing

Statement 5/2024 on the Recommendations of the High-Level Group on Access to Data for Effective Law Enforcement by EDPB

Access Requests (DSAR), Data Subjects Rights

Data Broker Sells Voter Data on Support for QAnon and January 6

Data Sharing

Requests for Access Toolkit Tracker

Access Requests (DSAR)

Data Sharing Toolkit Tracker

Data Sharing

Records Management Toolkit Tracker

Data Retention, Personal Data Collection, Records of processing Activities (ROPA)

Data Sharing Toolkit Tracker – more information about the Toolkit by UK ICO

Data Sharing

Records Management Toolkit Tracker – more information about the Toolkit by UK ICO

Data Retention, Personal Data Collection, Records of processing Activities (ROPA)

Requests For Access Toolkit Tracker – more information about the Toolkit by UK ICO

Access Requests (DSAR)

Italian Data Protection Authority (Garante)-Medical association (6/20/2024)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-Rossi Carta S.r.l. (4/24/2024)

Access Requests (DSAR), Controllers and Processors, Data Protection Officer (DPO), Data Subjects Rights, Lawfulness of Processing

Hellenic Data Protection Authority (HDPA)-METRO SA (6/27/2024)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Technical and Organisational Measures (TOMs)

Cypriot Data Protection Commissioner-Aylo Social LTD (2/8/2024)

Access Requests (DSAR), Data Subjects Rights

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)-Corint Logistic SRL. (5/30/2024)

Access Requests (DSAR), Data Subjects Rights, Lawfulness of Processing, Principles, Right to Object, Sensitive Data

Italian Data Protection Authority (Garante)-Azzurro Club Hotels S.r.l. (5/9/2024)

Access Requests (DSAR), Consent, Data Subjects Rights, Lawfulness of Processing

Spanish Data Protection Authority (aepd)-DELPASO CAR HIRE, S.L.U. (4/30/2024)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-Banca di Credito Cooperativo Appulo Lucana soc. cooperativa (3/7/2024)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-IBERIA LÍNEAS AÉREAS DE ESPAÑA, S.A. OPERADORA. (2/13/2024)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-ASNEF-EQUIFAX, SERVICIOS DE INFORMACIÓN SOBRE SOLVENCIA Y CRÉDITO, S.L. (2/13/2024)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-VACACIONES EDREAMS, S.L. (12/12/2023)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-EASYJET AIRLINE COMPANY LIMITED (11/21/2023)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-Intesa Sanpaolo Spa (9/14/2023)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-FESTINA LOTUS S.A. (10/18/2023)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-AcegasApsAmga SpA (7/6/2023)

Access Requests (DSAR), Data Subjects Rights, Lawfulness of Processing

Data Protection Authority of Niedersachsen-Company (7/14/1905)

Access Requests (DSAR), Data Subjects Rights

Data Protection Authority of Berlin-Credit agency (7/14/1905)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-RCI BANQUE, S.A. SUCURSAL EN ESPAÑA (6/7/2023)

Access Requests (DSAR), Data Subjects Rights

Hellenic Data Protection Authority (HDPA)-Vodafone (2/20/2023)

Access Requests (DSAR), Data Subjects Rights

Data Protection Authority of Hamburg-Covid-19 test center (7/14/1905)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-HERON CITY VALENCIA MANAGEMENT S.L. (2/21/2023)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-GRUPO NORCONSULTING, S.L. (2/28/2023)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-EUROPYMES SERVICIOS INTEGRALES S.L. (2/28/2023)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-Comune di Monte Sant’Angelo (4/28/2022)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Lawfulness of Processing, Representative

Italian Data Protection Authority (Garante)-Mister Brick S.a.s. (8/5/2022)

Access Requests (DSAR), Accountability, Controllers and Processors, Data Subjects Rights, Principles, Representative

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)-Dante Internațional SA (1/18/2023)

Access Requests (DSAR), Data Subjects Rights

French Data Protection Authority (CNIL)-FREE SAS (12/8/2022)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Technical and Organisational Measures (TOMs)

Italian Data Protection Authority (Garante)-Codess Sociale, Soc. Coop. sociale. (10/6/2022)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-Colosseo S.r.l. (8/5/2022)

Access Requests (DSAR), Accountability, Controllers and Processors, Data Subjects Rights, Principles, Representative

French Data Protection Authority (CNIL)-Clearview Al Inc. (10/17/2022)

Access Requests (DSAR), Data Subjects Rights, Lawfulness of Processing

Icelandic data protection authority (‘Persónuvernd’)-HEI – Medical Travel (5/3/2022)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-Stay over s.r.l. (7/21/2022)

Access Requests (DSAR), Data Subjects Rights, Principles

Italian Data Protection Authority (Garante)-Federazione Italiana Nuoto (6/16/2022)

Access Requests (DSAR), Data Subjects Rights

French Data Protection Authority (CNIL)-ACCOR SA (8/19/2022)

Access Requests (DSAR), Data Subjects Rights, Right to Object

Hellenic Data Protection Authority (HDPA)-WIND Ελλάς Τηλεπικοινωνίες ΑΕΒΕ (6/20/2022)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-Made in Italy s.r.l.s. (4/7/2022)

Access Requests (DSAR), Controllers and Processors, Data Protection Officer (DPO), Data Subjects Rights, Lawfulness of Processing

Spanish Data Protection Authority (aepd)-Mercadona S.A. (5/13/2022)

Access Requests (DSAR), Data Subjects Rights, Lawfulness of Processing

Spanish Data Protection Authority (aepd)-CLÍNICA DENTAL SAN FRANCISCO, S.L. (4/29/2022)

Access Requests (DSAR), Data Subjects Rights

Belgian Data Protection Authority (APD)-Company (4/1/2022)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Lawfulness of Processing, Representative

Italian Data Protection Authority (Garante)-Studio Colli Aniene Verderocca S.r.l. (2/10/2022)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-Azienda sanitaria provinciale di Caltanissetta (3/10/2022)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Principles, Representative

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)-Operatorul Briza Land S.R.L. (3/10/2022)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-RECLAMADOR, S.L. (2/14/2022)

Access Requests (DSAR), Data Subjects Rights

Data Protection Authority of Ireland-Limerick City and County Council (12/9/2021)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-TIM S.p.A. (11/11/2021)

Access Requests (DSAR), Data Subjects Rights

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)-Telekom Romania Communications SA (12/6/2021)

Access Requests (DSAR), Accountability, Accuracy, Data Subjects Rights, Principles, Sensitive Data

Data Protection Authority of Saxony-Unknown (7/11/1905)

Access Requests (DSAR), Data Subjects Rights

Hellenic Data Protection Authority (HDPA)-Rhodes Municipal Transport Company (9/3/2021)

Access Requests (DSAR), Data minimisation, Data Subjects Rights

Spanish Data Protection Authority (aepd)-PERSONAL MARK, S.L. (7/27/2021)

Access Requests (DSAR), Data Subjects Rights

French Data Protection Authority (CNIL)-BRICO PRIVÉ (6/14/2021)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Principles, Storage limitation, Technical and Organisational Measures (TOMs)

Norwegian Supervisory Authority (Datatilsynet)-Unknown (6/22/2021)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Principles, Representative

Hellenic Data Protection Authority (HDPA)-KARIERA A.E. (5/12/2021)

Access Requests (DSAR), Data Subjects Rights, Principles, Privacy by Design

Italian Data Protection Authority (Garante)-Istituto Nazionale Previdenza Sociale (INPS) (4/15/2021)

Access Requests (DSAR), Data Subjects Rights, Lawfulness of Processing

Spanish Data Protection Authority (aepd)-Solram T Y R S.L. (5/12/2021)

Access Requests (DSAR), Data Subjects Rights

Hellenic Data Protection Authority (HDPA)-A. ΕΠΙΛΟΓΗ ΙΔΙΩΤΙΚΗ ΚΕΦΑΛΑΙΟΥΧΙΚΗ ΕΤΑΙΡΕΙΑ (5/12/2021)

Access Requests (DSAR), Data Subjects Rights, Lawfulness of Processing, Principles, Sensitive Data

Hellenic Data Protection Authority (HDPA)-Candidate for parliamentary elections (4/16/2021)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-Anytime Fitness Iberia S.L. (4/27/2021)

Access Requests (DSAR), Data Subjects Rights

Hellenic Data Protection Authority (HDPA)-Candidate for parliamentary elections (3/22/2021)

Access Requests (DSAR), Data Subjects Rights

Spanish Data Protection Authority (aepd)-Kutxabank, S.A. (4/8/2021)

Access Requests (DSAR), Data Subjects Rights

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)-Vodafone România SA (11/23/2020)

Access Requests (DSAR), Data Subjects Rights

French Data Protection Authority (CNIL)-Carrefour France (11/18/2020)

Access Requests (DSAR), Data Subjects Rights, Principles

Cypriot Data Protection Commissioner-Bank of Cyprus Public Company Ltd (10/19/2020)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Integrity and confidentiality, Principles, Representative, Technical and Organisational Measures (TOMs)

Hungarian National Authority for Data Protection and the Freedom of Information (NAIH)-Employer (7/23/2020)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-Mapei S.p.A. (7/2/2020)

Access Requests (DSAR), Data Subjects Rights, Principles

Hellenic Data Protection Authority (HDPA)-Candidate for parliamentary elections (8/3/2020)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-National Institute for Social Security – Department of the Province of Brescia (8/4/2020)

Access Requests (DSAR), Data Subjects Rights

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)-SC Viva Credit IFN SA (7/30/2020)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-San Giorgio Jonico (3/5/2020)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Principles, Representative

Belgian Data Protection Authority (APD)-Unknown (6/19/2020)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Principles, Representative

Belgian Data Protection Authority (APD)-Unknown (6/16/2020)

Access Requests (DSAR), Controllers and Processors, Cooperation with Supervisory Authorithy, Data Subjects Rights

Spanish Data Protection Authority (aepd)-Equifax Iberica, S.L. (6/9/2020)

Access Requests (DSAR), Data Subjects Rights

Data Protection Authority of Brandenburg-Unknown Company (7/11/1905)

Access Requests (DSAR), Data Subjects Rights

Danish Data Protection Authority (Datatilsynet)-JobTeam A/S DKK (5/15/2020)

Access Requests (DSAR), Data Subjects Rights

Deputy Data Protection Ombudsman-Posti Group Oyj (5/22/2020)

Access Requests (DSAR), Data Subjects Rights

Hellenic Data Protection Authority (HDPA)-Public Power Corporation S.A. (2/21/2020)

Access Requests (DSAR), Data Subjects Rights

Hellenic Data Protection Authority (HDPA)-Speech and Special Education Centre – Mihou Dimitra (3/20/2020)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Representative

Hungarian National Authority for Data Protection and the Freedom of Information (NAIH)-Local bank (5/31/2019)

Access Requests (DSAR), Data Subjects Rights

Hungarian National Authority for Data Protection and the Freedom of Information (NAIH)-Unknown (6/26/2019)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Principles, Representative

Hungarian National Authority for Data Protection and the Freedom of Information (NAIH)-Representative of a local government (3/4/2020)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Principles, Representative

Data Protection Authority of Sweden (Integritetsskyddsmyndigheten)-Google LLC (3/11/2020)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Principles, Representative

Croatian Data Protection Authority (azop)-Bank (name not available at the moment) (3/13/2020)

Access Requests (DSAR), Data Subjects Rights

Italian Data Protection Authority (Garante)-Eni Gas e Luce (12/11/2019)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Principles, Representative, Right to Object

Italian Data Protection Authority (Garante)-TIM (telecommunications operator) (1/15/2020)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Principles, Representative, Right to Object

Belgian Data Protection Authority (APD)-Nursing Care Organisation (12/17/2019)

Access Requests (DSAR), Data Subjects Rights

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)-Royal President S.R.L. (11/29/2019)

Access Requests (DSAR), Controllers and Processors, Data Subjects Rights, Representative, Technical and Organisational Measures (TOMs)

Slovak Data Protection Office-Unknown (Unknown)

Access Requests (DSAR), Data Subjects Rights

Data State Inspectorate (DSI)-Online Services (8/26/2019)

Access Requests (DSAR), Data Subjects Rights

Portuguese Data Protection Authority (CNPD)-Unknown (2/5/2019)

Access Requests (DSAR), Data Subjects Rights

Data Protection Authority of Berlin-Delivery Hero (9/19/2019)

Access Requests (DSAR), Data Subjects Rights, Right to Object

Hungarian National Authority for Data Protection and the Freedom of Information (NAIH)-Unknown (4/5/2019)

Access Requests (DSAR), Data Subjects Rights

Bulgarian Commission for Personal Data Protection (KZLD)-Employer (2/22/2019)

Access Requests (DSAR), Data Subjects Rights

Cypriot Data Protection Commissioner-State Hospital (7/11/1905)

Access Requests (DSAR), Data Subjects Rights

Czech Data Protection Auhtority (UOOU)-Unknown (10/25/2018)

Access Requests (DSAR), Data Subjects Rights

Czech Data Protection Auhtority (UOOU)-Unknown (2/26/2019)

Access Requests (DSAR), Data Subjects Rights

Czech Data Protection Auhtority (UOOU)-Unknown (5/6/2019)

Access Requests (DSAR), Data Subjects Rights

New data protection audit framework launched to help organisations improve compliance by UK ICO

Controllers and Processors, Data Sharing, Data Subjects Rights

Telegram’s New Policy: User Data to Be Shared with Authorities in Criminal Cases

Data Sharing, Data Subjects Rights

LinkedIn Used User Data for AI Training Before Updating Its Terms

AI, Data Sharing, Data Subjects Rights, Lawfulness of Processing

The IDTA, Addendum and TRA: practical guidance for cross-border transfers by the UK ICO

Access Requests (DSAR), Data Transfers

Report and Guidance on Privacy in Social Network Services – ”Rome Memorandum” by International Working Group on Data Protection in Telecommunications

Definitions, Processing of personal data

Opinion 37/2023 on the draft decision of the competent supervisory authority of Luxemburg regarding the approval of the requirements for accreditation of a certification body pursuant to Article 43.3 (GDPR) |EPDB

Certification

Opinion 38/2023 on the draft decision of the competent supervisory authority of Slovenian regarding the approval of the requirements for accreditation of a certification body pursuant to Article 43.3 (GDPR). |EPDB

Certification

CASE STUDIES (2018 – 2023) by the Irish DPC

Access Requests (DSAR), Controllers and Processors, Data Breaches, Data Subjects Rights, Liability and Remedies, Supervisory Authorities

How to handle someone’s data subject access request when there is information about other individuals involved by the Irish DPA

Access Requests (DSAR), Data Subjects Rights

Case C 683-2021

Data Controller, Data Processors, Joint Controllers

DSAR management for controllers by Bailiwick of Guernsey’s DPA

Access Requests (DSAR), Data Subjects Rights

Study on the appropriate safeguards under Article 89(1) GDPR for the processing of personal data for scientific research

Material scope, Scientific Research, Specific processing situations

Case C-101/01

Data Transfers, Definitions, Principles, Processing of personal data, Sensitive Data

C-272/19

Access Requests (DSAR), Data Controller, Data Subjects Rights, Definitions

C-154/21

Access Requests (DSAR), Data Subjects Rights

Case C-487/21

Access Requests (DSAR), Data Subjects Rights

C-349/21

Access Requests (DSAR), Data Subjects Rights

Frequently Asked Questions (FAQs) on the Data Act by the EU Commission

Controllers and Processors, Data Sharing

Meta Platforms Ireland v EDPB (Case T-319/24)

Controllers and Processors, Data Sharing, Data Subjects Rights

Case C‑461/22 CURIA

Data Controller, Definitions

Case C-394/23, Mousse: Request for a preliminary ruling from the Conseil d’État (France) lodged on 28 June 2023 — Association Mousse v Commission nationale de l’informatique et des libertés (CNIL), SNCF Connect

Definitions, Processing of personal data

Today’s and tomorrow’s means of payment facing the challenge of data protection by CNIL

Definitions, Processing of personal data

EditorsTrends in Data Protection and Encryption Technologies by SpringerProfessional

Definitions, New technology, Processing of personal data

Case 2:24-cv-05140 by the attorney general of California

Consent, Controllers and Processors, Data Sharing, Lawfulness of Processing

Opinion 20/2021 on Tobacco Traceability System |EDPB

Controllers and Processors, Data Sharing

Decision on the merits 46/2024 by the Belgian DPA

Access Requests (DSAR), Data Subjects Rights

Data Sharing Code of Practice by UK ICO [Controller to Controller]

Controllers and Processors, Data Sharing

Opinion 39/2021 on whether Article 58(2)(g) GDPR could serve as a legal basis for a supervisory authority to order ex officio the erasure of personal data, in a situation where such request was not submitted by the data subject |EPDB

Data Controller, Data Subjects Rights, Definitions

Opinion 1/2022 on the draft decision of the Luxembourg Supervisory Authority regarding the GDPR – CARPA certification criteria |EPDB

Certification

Opinion 25/2022 regarding the European Privacy Seal (EuroPriSe ) certification criteria for the certification of processing operations by processors |EPDB

Certification

Opinion 15/2023 on the draft decision of the Dutch Supervisory Authority regarding the Brand Compliance certification criteria |EPDB

Certification

Opinion 28/2022 on the Europrivacy criteria of certification regarding their approval by the Board as European Data Protection Seal pursuant to Article 42.5 (GDPR) |EPDB

Certification

How to deal with SARs as an employer by the UK ICO

Access Requests (DSAR), Employment

Fashion ID, 29 July 2019, C-40/17, ECLI:EU:C:2019:629

Data Controller, Data Processors

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein v Wirtschaftsakademie Schleswig-Holstein GmbH, in the presence of Facebook Ireland Ltd (Case C-210/16).

Data Controller

Guidelines 07/2020 on the concepts of controller and processor in the GDPR

Data Controller, Data Processors, Definitions

Guidelines 1/2018 on certification and identifying certification criteria in accordance with Articles 42 and 43 of the Regulation

Certification

Guidelines 4/2018 on the accreditation of certification bodies under Article 43 of the General Data Protection Regulation (2016/679)

Certification

Guidelines 07/2022 on certification as a tool for transfers

Certification

Addictive patterns in the processing of personal data Implications for data protection by AEPD

Definitions, Processing of personal data

Balancing transparency and empathy in request and complaint handling by the UK ICO

Access Requests (DSAR)

Section 40(2) FOIA – the personal data exemption – a practical approach by the UK ICO

Access Requests (DSAR), Data Subjects Rights

Salvatore Manni Case C 398/15

Data Retention, Legitimate Interest, Storage limitation

ANAF Case C‑201/14, 1 October 2015

Automated Decision-making, Data Sharing, Data Transfers, Public Administrative Body