CJEU - DPO Hub (Page 6)

CJEU C-456/22 Gemeinde Ummendorf 14 Dec 2023

members – 1 min read

No national de minimis threshold and data subjects must prove damage. NB: This is another CJEU ruling from today, also related to Article 82.

Dec 14, 2023

CJEU: Data breach ≠ poor measures (but you must prove it) and fear only can constitute non-material damage

members – 1 min read

How not to get sued by data subjects (se full write-up of case in C-340/21 post)

Dec 14, 2023

CJEU (SCHUFA): On credit scoring, automated decision-making and courts' review of DPA decisions

members – 2 min read

Two CJEU rulings on SCHUFA Holding: Credit scoring = ADM when decisive for granting credit + national courts can fully review legally binding DPA decisions.

Dec 7, 2023

CJEU: Fines can only be imposed where there was intent or negligence

members – 1 min read

...and fines MUST be calculated on the *group's* total worldwide annual turnover!

Dec 5, 2023

CJEU C-319/22 Gesamtverband Autoteile-Handel (Access to vehicle information) (VIN, Scania) 9 Nov 2023

members – 3 min read

A vehicle identification number (VIN) is not personal data in nature, but may be(come) so depending on the context, even if you cannot identify someone directly yourself from it.

Nov 16, 2023