Are you over 18 and want to see adult content?
More Annotations
A complete backup of https://asninfo.ru
Are you over 18 and want to see adult content?
A complete backup of https://housage.com
Are you over 18 and want to see adult content?
A complete backup of https://speedadmin.dk
Are you over 18 and want to see adult content?
A complete backup of https://feestmuziek.nu
Are you over 18 and want to see adult content?
A complete backup of https://vaniasantos.com
Are you over 18 and want to see adult content?
A complete backup of https://mu-mo.net
Are you over 18 and want to see adult content?
A complete backup of https://postoandradina.com.br
Are you over 18 and want to see adult content?
A complete backup of https://wieliczka.eu
Are you over 18 and want to see adult content?
A complete backup of https://voxmediaevents.com
Are you over 18 and want to see adult content?
A complete backup of https://imagensbrasil.org
Are you over 18 and want to see adult content?
A complete backup of https://mernissi.net
Are you over 18 and want to see adult content?
Favourite Annotations
A complete backup of www.www.amkingdom.com
Are you over 18 and want to see adult content?
A complete backup of www.vintagemags.org
Are you over 18 and want to see adult content?
Text
the same address.
GDPR ENFORCEMENT TRACKER The CMS.Law GDPR Enforcement Tracker is an overview of fines and penalties which data protection authorities within the EU have imposed under the EU General Data Protection Regulation (GDPR, DSGVO). GDPR ENFORCEMENT TRACKER Statistics: Fines imposed over time The following statistics show how many fines and what sum of fines have been imposed per month so far. The first overview contains a cumulative summary, that is, all fines accumulated up to each month.The second overview contains the sum and number of fines per month. Note: Only fines with valid information about year and month that are already included in WWW.ENFORCEMENTTRACKER.COMTRANSLATE THIS PAGE www.enforcementtracker.com GDPR ENFORCEMENT TRACKER GDPR Enforcement Tracker - list of GDPR fines. This site is operated by CMS Hasche Sigle Partnerschaft von Rechtsanwälten und Steuerberatern mbB, which has its registered office in Berlin (Charlottenburg District Court, PR 316 B) and is located at Lennéstraße 7, 10785 Berlin, Germany (T +49 30 20360 0, F +49 30 20360 2000, berlin@cms-hs.com GDPR ENFORCEMENT TRACKER GDPR Enforcement Tracker - list of GDPR fines. This GDPR fine estimation is based on the calculation model published by the "Conference of the Independent Data Protection Supervisory Authorities" (DSK) from October 14, 2019, which can be accessed at (Click here). Please note that this is only an estimate. The actual fine may be lower or higher. GDPR ENFORCEMENT TRACKER Want to share with us a fine which we have not yet included in the list? Feel free to submit it here. Please note that we only list GDPR fines, i.e. no fines imposed under (1) national / non-European laws, (2) non-data protection laws (e.g. competition laws / electronic GDPR ENFORCEMENT TRACKER Germany: The Bavarian DPA (BayLDA) considered the use of the newsletter tool Mailchimp by a German company to be unlawful The Bavarian DPA (BayLDA) considered the use of the newsletter tool Mailchimp by a German company to be unlawful, as Mailchimp receives email addresses from newsletter subscribers and could be considered an "electronic communication service provider" under US GDPR ENFORCEMENT TRACKER GDPR Enforcement Tracker - list of GDPR fines. This website is owned and operated by CMS Hasche Sigle Partnerschaft von Rechtsanwälten und Steuerberatern mbB, Lennéstraße 7, D-10785 Berlin, +49 30 20360 0, berlin@cms-hs.com. The data protection officer can be contacted underthe same address.
GDPR ENFORCEMENT TRACKER Want to share with us a fine which we have not yet included in the list? Feel free to submit it here. Please note that we only list GDPR fines, i.e. no fines imposed under (1) national / non-European laws, (2) non-data protection laws (e.g. competition laws / electronic WWW.ENFORCEMENTTRACKER.COMTRANSLATE THIS PAGE www.enforcementtracker.com GDPR ENFORCEMENT TRACKER The CMS.Law GDPR Enforcement Tracker is an overview of fines and penalties which data protection authorities within the EU have imposed under the EU General Data Protection Regulation (GDPR, DSGVO). GDPR ENFORCEMENT TRACKER Statistics: Fines imposed over time The following statistics show how many fines and what sum of fines have been imposed per month so far. The first overview contains a cumulative summary, that is, all fines accumulated up to each month.The second overview contains the sum and number of fines per month. Note: Only fines with valid information about year and month that are already included in WWW.ENFORCEMENTTRACKER.COMTRANSLATE THIS PAGE www.enforcementtracker.com GDPR ENFORCEMENT TRACKER GDPR Enforcement Tracker - list of GDPR fines. This site is operated by CMS Hasche Sigle Partnerschaft von Rechtsanwälten und Steuerberatern mbB, which has its registered office in Berlin (Charlottenburg District Court, PR 316 B) and is located at Lennéstraße 7, 10785 Berlin, Germany (T +49 30 20360 0, F +49 30 20360 2000, berlin@cms-hs.com GDPR ENFORCEMENT TRACKER GDPR Enforcement Tracker - list of GDPR fines. This GDPR fine estimation is based on the calculation model published by the "Conference of the Independent Data Protection Supervisory Authorities" (DSK) from October 14, 2019, which can be accessed at (Click here). Please note that this is only an estimate. The actual fine may be lower or higher. GDPR ENFORCEMENT TRACKER Want to share with us a fine which we have not yet included in the list? Feel free to submit it here. Please note that we only list GDPR fines, i.e. no fines imposed under (1) national / non-European laws, (2) non-data protection laws (e.g. competition laws / electronic GDPR ENFORCEMENT TRACKER Germany: The Bavarian DPA (BayLDA) considered the use of the newsletter tool Mailchimp by a German company to be unlawful The Bavarian DPA (BayLDA) considered the use of the newsletter tool Mailchimp by a German company to be unlawful, as Mailchimp receives email addresses from newsletter subscribers and could be considered an "electronic communication service provider" under US GDPR ENFORCEMENT TRACKER GDPR Enforcement Tracker - list of GDPR fines. This website is owned and operated by CMS Hasche Sigle Partnerschaft von Rechtsanwälten und Steuerberatern mbB, Lennéstraße 7, D-10785 Berlin, +49 30 20360 0, berlin@cms-hs.com. The data protection officer can be contacted underthe same address.
GDPR ENFORCEMENT TRACKER The CMS.Law GDPR Enforcement Tracker is an overview of fines and penalties which data protection authorities within the EU have imposed under the EU General Data Protection Regulation (GDPR, DSGVO). GDPR ENFORCEMENT TRACKER Statistics: Fines imposed over time The following statistics show how many fines and what sum of fines have been imposed per month so far. The first overview contains a cumulative summary, that is, all fines accumulated up to each month.The second overview contains the sum and number of fines per month. Note: Only fines with valid information about year and month that are already included in WWW.ENFORCEMENTTRACKER.COMTRANSLATE THIS PAGE www.enforcementtracker.com GDPR ENFORCEMENT TRACKER GDPR Enforcement Tracker - list of GDPR fines. This site is operated by CMS Hasche Sigle Partnerschaft von Rechtsanwälten und Steuerberatern mbB, which has its registered office in Berlin (Charlottenburg District Court, PR 316 B) and is located at Lennéstraße 7, 10785 Berlin, Germany (T +49 30 20360 0, F +49 30 20360 2000, berlin@cms-hs.com GDPR ENFORCEMENT TRACKER GDPR Enforcement Tracker - list of GDPR fines. This GDPR fine estimation is based on the calculation model published by the "Conference of the Independent Data Protection Supervisory Authorities" (DSK) from October 14, 2019, which can be accessed at (Click here). Please note that this is only an estimate. The actual fine may be lower or higher. GDPR ENFORCEMENT TRACKER Want to share with us a fine which we have not yet included in the list? Feel free to submit it here. Please note that we only list GDPR fines, i.e. no fines imposed under (1) national / non-European laws, (2) non-data protection laws (e.g. competition laws / electronic GDPR ENFORCEMENT TRACKER Germany: The Bavarian DPA (BayLDA) considered the use of the newsletter tool Mailchimp by a German company to be unlawful The Bavarian DPA (BayLDA) considered the use of the newsletter tool Mailchimp by a German company to be unlawful, as Mailchimp receives email addresses from newsletter subscribers and could be considered an "electronic communication service provider" under US GDPR ENFORCEMENT TRACKER GDPR Enforcement Tracker - list of GDPR fines. This website is owned and operated by CMS Hasche Sigle Partnerschaft von Rechtsanwälten und Steuerberatern mbB, Lennéstraße 7, D-10785 Berlin, +49 30 20360 0, berlin@cms-hs.com. The data protection officer can be contacted underthe same address.
GDPR ENFORCEMENT TRACKER Want to share with us a fine which we have not yet included in the list? Feel free to submit it here. Please note that we only list GDPR fines, i.e. no fines imposed under (1) national / non-European laws, (2) non-data protection laws (e.g. competition laws / electronic WWW.ENFORCEMENTTRACKER.COMTRANSLATE THIS PAGE www.enforcementtracker.comSUBMIT A NEW FINE
×
Want to share with us a fine which we have not yet included in the list? Feel free to submit it here. PLEASE NOTE THAT WE ONLY LIST GDPR FINES, I.E. NO FINES IMPOSED UNDER (1) NATIONAL / NON-EUROPEAN LAWS, (2) NON-DATA PROTECTION LAWS (E.G. COMPETITION LAWS / ELECTRONIC COMMUNICATION LAWS) AND (3) "OLD" PRE-GDPR-LAWS.. Adding a link to the source of the fine is mandatory, all other details support us in adding the fine to the database as quick as possible. Thank you for your input!Close Submit
* Fines Database
* Fine Models by DPAs* Germany
* Netherlands
* Fines Statistics
Remove all filters
Filter by country:
Filter by violation (Art.):All
5
6
7
9
12
13
14
15
16
17
18
21
24
25
28
29
31
32
33
34
35
36
37
58
83
FRANCE: FINE AGAINST CARREFOUR GROUP Fine against Carrefour Group (Carrefour France and Carrefour Banque) in the amount of EUR 3 million due to several GDPR breaches. SWEDEN: REDUCTION OF FINE AGAINST GOOGLE LLC Fine reduced by Stockholm Administrative Court to EUR 5 million. GERMANY: REDUCTION OF FINE AGAINST 1&1TELECOM GMBH Fine reduced by Bonn District Court to EUR 900,000 due to only minor fault of the company*
*
*
GDPR ENFORCEMENT TRACKERtracked by
The CMS.Law GDPR Enforcement Tracker is an overview of fines and penalties which data protection authorities within the EU have imposed under the EU General Data Protection Regulation (GDPR, DSGVO). Our aim is to keep this list as up-to-date as possible. Since not all fines are made public, this list can of course never be complete, which is why we appreciate any indication of further GDPR fines and penalties. _Please note that we do not list any fines imposed under national / non-European laws, under non-data protection laws (e.g. competition laws / electronic communication laws) and under "old" pre-GDPR-laws._ ------------------------- RESET FILTER AND GO TO ALL FINES Show 102550100 entriesSearch:
COUNTRY
AUTHORITY
DATE
FINE
CONTROLLER/PROCESSORSECTOR
QUOTED ART.
TYPE
SUMMARY
SOURCE
DIRECT URL
ETID-456
SWEDEN
Data Protection Authority of Sweden2020-11-25
197,000
Gnosjö MunicipalityHealth Care
Art. 5 GDPR, Art. 6 GDPR, Art. 13 GDPR, Art. 35 GDPR, Art. 36 GDPR Insufficient legal basis for data processing The Swedish DPA imposed a fine on the municipality of Gnosjö for illegal video surveillance in a care home for persons with certain functional disabilities.link
https://www.enforcementtracker.com/ETID-456ETID-453
ROMANIA
Romanian National Supervisory Authority for Personal Data Processing(ANSPDCP)
2020-11-24
5,000
Dada Creation S.R.L. Industry and Commerce Art. 32 GDPR, Art. 33 GDPR Insufficient technical and organisational measures to ensure information security Due to inadequate technical and organizational measures, the company disclosed the order, delivery and personal data of over 1000 customers via its web store. The data was displayed on a document in the web store that could be downloaded without access protection. In addition, the operator had failed to report the security leak to the data protection authority.link
https://www.enforcementtracker.com/ETID-453ETID-455
SWEDEN
Data Protection Authority of Sweden2020-11-24
394,000
City of Stockholm
Public Sector and Education Art. 5 GDPR, Art. 32 GDPR Insufficient technical and organisational measures to ensure information security The Swedish DPA imposed a fine on the City of Stockholm for data breaches on a school education platform. The platform consists of different subsystems, including a system for monitoring school attendance, a student administration system, an interface for parents and an administration interface for teachers. In one of the subsystems, a lack of ability to restrict user access to the data has allowed a significant number of staff to access information about students using a protected identity. In another sub-system, parents could access information about other students, such as grades relatively easily. Via Google's search engine, it was possible to find links to enter an administrative interface where information about teachers with a protected identity was accessible.link
https://www.enforcementtracker.com/ETID-455ETID-450
SPAIN
Spanish Data Protection Authority (aepd)2020-11-23
12,000
Recambios Villalegre S.L. Industry and Commerce Art. 6 GDPR, Art. 13 GDPR Insufficient legal basis for data processing The Spanish DPA (AEPD) fined the company for posting photos of a person on Facebook and WhatsApp and accusing the individual of theft in related posts. The photos were obtained through the company's video surveillance system. The company further encouraged other users to share both the photos and the postings. The postings resulted in hundreds of humiliating, insulting and even threatening comments. The AEPD imposed a fine of EUR 10,000 for publishing the photos and EUR 2,000 for not installing the sign required for video surveillance ofthe store.
link
https://www.enforcementtracker.com/ETID-450ETID-451
ROMANIA
Romanian National Supervisory Authority for Personal Data Processing(ANSPDCP)
2020-11-23
4,000
Vodafone România SA Media, Telecoms and Broadcasting Art. 12 GDPR, Art. 15 GDPR, Art. 17 GDPR Insufficient fulfilment of data subjects rights The Romanian DPA (ANSPDCP) imposed a fine in the amount of EUR 4,000 on Vodafone România SA. The fine was imposed as a result of complaints alleging that the operator failed to respond to requests for access and erasure of data. The operator could not provide any evidence for exonaration.link
https://www.enforcementtracker.com/ETID-451ETID-437
SPAIN
Spanish Data Protection Authority (aepd)2020-11-19
36,000
Vodafone España, S.A.U. Media, Telecoms and Broadcasting Art. 5 GDPR, Art. 6 GDPR Insufficient legal basis for data processing Processing of personal data of a data subject without sufficient legal basis. The company had sent an invoice to a data subject without being able to prove that it had a contract with the data subject.link
https://www.enforcementtracker.com/ETID-437ETID-452
SPAIN
Spanish Data Protection Authority (aepd)2020-11-18
2000
Anmavas 61, S.L.
Industry and CommerceArt. 58 GDPR
Insufficient cooperation with supervisory authority The Spanish DPA (AEPD) imposed a fine on Anmavas 61, S.L. for neither granting nor justifiably denying the right to erasure to the data subject, even after receiving a warning issued by the AEPD.link
https://www.enforcementtracker.com/ETID-452ETID-454
FRANCE
French Data Protection Authority (CNIL)2020-11-18
800,000
Carrefour Banque
Finance, Insurance and ConsultingArt. 5 GDPR
Non-compliance with general data processing principles The French DPA (CNIL) imposed a fine on Carrefour Banque for violation of its obligation to process data fairly (Article 5 (1) GDPR). If a person who subscribed to the Pass card (a credit card that can be attached to a loyalty account) also wanted to participate in the loyalty program, he or she had to tick a box in which he or she agreed to Carrefour Banque sending his or her surname, first name and e-mail address to 'Carrefour fidélité'. Carrefour Banque expressly indicated that no further data would be transmitted. However, the CNIL noted that other data such as postal address, telephone number and the number of children had been transmitted, although the company undertook not to transmit any further data.link
https://www.enforcementtracker.com/ETID-454ETID-457
FRANCE
French Data Protection Authority (CNIL)2020-11-18
2,250,000
Carrefour France
Industry and Commerce Art. 5 GDPR, Art. 12 GDPR, Art. 13 GDPR, Art. 15 GDPR, Art. 17 GDPR, Art. 21 GDPR, Art. 32 GDPR, Art. 33 GDPR Non-compliance with general data processing principles The French DPA (CNIL) fined Carrefour France EUR 2,250,000 for several violations of data protection regulations, including the GPDR. During its investigation, the CNIL found that the information on personal data provided to users of the carrefour.fr websites and those wishing to join the loyalty program was neither easily accessible nor easily comprehensible. The CNIL also found that the information regarding the transfer of data to countries outside the EU and regarding the duration of data storage was incomplete. The CNIL also notes that the company did not comply with the storage time limits. Furthermore, the data of more than twenty-eight million customers who were inactive for five to ten years were stored for the purposes of the loyalty program. This was also the case for 750,000 users of the carrefour.fr site, who were inactive for five to ten years. The CNIL states that the company required proof of identity for almost every user request to exercise a right. However, this automatic requirement was not justified, as in most cases there was no doubt regarding the identity of the affected users. Furthermore, the company did not respond to several requests from individuals who wanted to access their personal data. Also, in numerous cases, the company did not carry out the erasure of data requested by individuals. Finally, the company has not responded to several requests from persons who did not agree to receive advertising by SMS or e-mail.link
https://www.enforcementtracker.com/ETID-457ETID-447
ITALY
Italian Data Protection Authority (Garante)2020-11-17
30,000
Provincial Health Authority of Cosenza Public Sector and EducationArt. 9 GDPR
Insufficient legal basis for data processing Publication of personal data (including first and last name, address, tax ID) on the website of the authority about persons who have claims for damages against the authority, without sufficientlegal basis
link
https://www.enforcementtracker.com/ETID-447 Showing 1 to 10 of 457 entries Previous12345…46Next Home License PrivacyImprint
Details
Copyright © 2024 ArchiveBay.com. All rights reserved. Terms of Use | Privacy Policy | DMCA | 2021 | Feedback | Advertising | RSS 2.0