data subject rights

European Union and EU community CE marking concept with sign, symbol and EU flag on a computer key

October 11, 2024

EDPB Chooses Right to Erasure for Fourth Coordinated Enforcement Action

The EDPB will launch a coordinated enforcement action in 2025 to assess the implementation of the right to erasure under GDPR.

GDPR - General Data Protection Regulation

October 10, 2024

EDPB Issues Guidelines on Legitimate Interest for Data Processing

The EDPB has issued guidelines on legitimate interests in data processing, emphasizing strict interpretation and the necessity of balancing individual rights.

July 11, 2024

GDPR Complaint Targets Microsoft’s Xandr for Data Access Denials

A complaint supported by European privacy advocacy group, noyb, targets Microsoft-owned adtech business Xandr for GDPR violations. The complaint alleges […]

February 28, 2024

GDPR Right of Access Under EDPB’s Enforcement Spotlight in 2024

The EDPB initiates a 2024 action focusing on GDPR’s right of access to ensure compliance across the EU.

January 7, 2024

noyb files complaint against Austria’s Creditors’ association for profiting from GDPR trights

KSV1870, a creditors’ association, is accused of profiting from the right of access to personal data under the GDPR by misleading individuals, especially foreigners, into purchasing a high-priced “InfoPass” instead of obtaining a free copy of their data.

November 8, 2023

Patients have the right to first copy of medical records free of charge, CJEU rules

Judgment by the EU top court clarifies the right of individuals to access their personal data undergoing processing.

October 16, 2023

Germany Gives Google Users More Power Over Their Data

Google has committed to give its users more control over their data processing – a result of a proceeding by the Bundeskartellamt under new competition law.

February 11, 2023

ChatGPT is a data privacy nightmare

ChatGPT – a threat to our privacy?

January 12, 2023

Data protection office slaps debt collection agency with €750k fine

The Finnish Data Protection Ombudsman ruled that debt collection company failed to respond to customers’ requests in a timely manner and fined it 750,000 euros.