Remove 12
Remove 2018 Remove Exercises Remove Personal data
article thumbnail

Ireland / Europe: DPC’s record GDPR fine has implications for calculation of GDPR fines and regulatory expectations around transparency rules

DLA Piper Privacy Matters

The investigation began in December 2018, when the DPC commenced an own-volition inquiry under Section 110 of the Data Protection Act 2018. Non-User Data. In its Article 65 decision, the EDPB agreed that this non-user data constituted personal data. Background. The Decision.

GDPR 105
article thumbnail

Middle East: Kingdom of Bahrain publishes Personal Data Protection Law

DLA Piper Privacy Matters

On 12 July 2018, the Kingdom of Bahrain (Bahrain) issued Law No. 30 of 2018 on the Personal Data Protection Law (PDPL). It will provide individuals with rights in relation to how their personal data can be collected, processed and stored. Businesses with a place of business in Bahrain; and.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

UK Tribunal Rules on Direct Marketing ICO Case Against Experian

Hunton Privacy

On February 20, 2023, in the case of Experian Limited v The Information Commissioner , the First-Tier Tribunal in the UK (the “ Tribunal ”) ruled on the ICO’s action to require Experian to make changes to how it processes personal data for direct marketing purposes.

article thumbnail

EU hits Meta with $1.3 billion fine for transferring European user data to the US

Security Affairs

billion for transferring user data to the US. This is the biggest fine since the adoption of the General Data Protection Regulation (GDPR) by the European Union (EU) on May 25, 2018. In the past, the social media giant Meta threatened to block its services for users in Europe without a legal basis for data transfers.

GDPR 92
article thumbnail

Dutch DPA Fines Dutch Credit Registration Bureau 830,000 Euros for Non-Compliance with Data Subject Rights

Hunton Privacy

After receiving multiple complaints from data subjects, the Dutch DPA investigated BKR’s management of data subjects’ access requests. In addition, Recital 59 of the GDPR clearly states that controllers should offer the possibility of accessing personal data in an electronic form when data is processed electronically.

article thumbnail

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

Between June 8, 2018 and April 6, 2019, the CNIL received 15 complaints from individuals relating to the exercise of their data protection rights with affiliates of the Carrefour Group. Loyalty program members’ data had been retained for a period of four years from their last activity.

GDPR 91
article thumbnail

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

Introduction to Data Protection Laws. Data protection laws, regulations, and rules control the collection, use, transfer, and storage of personal and sensitive information. Personal data protection requirements may be issued by federal, state (provincial), or local governments.