GDPR decisions – September 2021
WhatsApp fined EUR 225 million for inadequate information In 2018, the Irish Data Protection Commission initiated extensive investigations on whether WhatsApp complied with the transparency principle. The DPC examined whether WhatsApp observed its obligations under the GDPR regarding compliance of the obligation to inform and the transparency in the obligation to inform towards users and …
GDPR decisions – August 2021
The Danish Immigration Service reported to the Police and is facing a DKK 150,000 fine (about EUR 20,200) The Danish DPA initiated the case when they through various media found out that a possible logging error present in an IT system related to two deportation centres could have affected the rights of the residents. In …
GDPR decisions – July 2021
Recordings of phone conversations without prior consent made by the Danish Business Authority drew criticism from the Danish Data Protection Agency.
GDPR decisions – May 2021
Court of law approves the opportunity for compensation in the event of a non-pecuniary loss following a data breach At the end of 2018, four PCs were stolen from the town hall of Gladsaxe. A spreadsheet was stored on the local drive of one of the PCs containing personal data on 20,620 citizens for inter-municipal …
GDPR decisions – April 2021
Application of old TLS version drew criticism from the Danish DPA When looking into a case initiated by the DPA itself, the DPA established that the self-service solution available with the Police for applying for a firearms certificate (www.digimeld.politi.dk/vaaben/HTML/index.aspx?type=p70401) – during which your personal ID number must be entered – warns you about the page …
GDPR decisions – March 2021
Decision delivered in France may greatly impact the option of legally using European subsidiaries with parent companies in the USA for hosting of data.
GDPR decisions – February 2021
Phone conversations recorded by on-call GPs A Danish citizen had filed a complaint about her phone conversation with an on-call GP in the Region of Southern Denmark being recorded and the fact that the on-call GP subsequently denied to erase the recordings. The Danish Data Protection Agency found that it was alright for the on-call …
The Danish Supreme Court finds in favour of Danish municipality
The Western Division of the Danish High Court had previously acquitted a Danish municipality in a case where the municipality’s mechanical ditch cleaners had caused damage to a telecommunications cable situated in a roadside ditch.
Employer acquitted of liability – workplace, person to be charged, instructions and supervision was at issue
On 5 July 2019, one of the Danish district courts (the District Court of Herning) found that a master painter was liable for compensation in connection with an injury accident caused when an apprentice fell off a balcony and suffered severe head injuries.
GDPR decisions – January 2021
Norwegian company fined EUR 95,000 for insufficient basis for processing Innovation Norway carried out four credit ratings of a one-man business, which the owner of the business complained about to the Norwegian data protection authority. The credit ratings were made over a 3-month period. Innovation Norway was not able to identify any customer relation or …