In its decision of January 9, 2023, the data protection authority had to assess whether an information service provider operating an online encyclopedia had to delete the entry on the complaining party.The complainant, who is an artist known to the general public in German-speaking countries and who has, among other things, acted in various capacities… […]
2023-0.088.055 (D124.1078), Processing of biometric data in driver’s license validation (matching selfie with driver’s license).
In a decision dated February 20, 2022, the data protection authority addressed the processing of biometric data for the purpose of driver’s license validation via app by a car rental company.The respondent rents motor vehicles commercially without providing a driver. In fulfillment of his duty under § 103 para. 1 Z 3 KFG to ensure… […]
D124.5017 (2022-0.792.182), posting of job advertisements freely available on the Internet on the Employment Market Service job platform.
In its decision of November 21, 2022, the data protection authority ruled on the legality of the publication of job advertisements freely available on the Internet by the Public Employment Service. The complainant was a legal entity, which felt that its right to confidentiality under Section 1 of the Data Protection Act had been violated… […]
D124.5167 (2022-0.777.583), ELGA log data, no viewing of eMedication data and evaccination passport data occurred despite notation.
In its decision of November 15, 2022, the data protection authority had to assess the lawfulness of a query of eMedication data and evaccination data by a physician (respondent). In the present case, it was not the complainant but his minor son who was a patient of the respondent. The son was co-insured with both… […]
DSB- D124.0867/22 (2022-0.565.965), Violation in the right to secrecy: disclosure of new residential address to child’s father despite (ZMR) information block by territorial authority is unlawful for lack of legal basis
The complainant obtained a temporary injunction against the father of her joint child and, after moving to another federal state, set up an information block in the Central Register of Residents (ZMR). Thereupon, the respondent, which was a local authority, sent an information letter to the child’s father. This information letter contained the complainant’s new… […]
Decision of February 21, 2023, GZ: 2023-0.137.735 (Procedural No. D124.1473), rejection of the complaint due to obvious unfoundedness.
The subject of the complaint in these proceedings was the question of whether the complainant’s right to confidentiality, right to information and right to information had been violated by the first respondent and whether the complainant’s right to confidentiality and right to information had been violated by the second respondent.In the course of the investigation,… […]
jö Bonus Club
The Austrian data protection authority imposed a fine of 8 million euros on the grocer Rewe. The reason given for the penalty is violations of the GDPR in the customer loyalty program “jö Bonus Club,” which the authority identified. As a result, Rewe announced its intention to take legal action against the decision. Furthermore, it… […]
Health data of a kindergarten teacher
Following an incident in which a public institution was informed by an individual that a kindergarten teacher’s claim of being 50% disabled was not true, the DSB imposed a fine of 600 euros. As evidence of his testimony, the fined party submitted a court report that included health-related data on the subject. The data protection… […]
D124.1413/22 (2022-0.876.190), Data processing by a third country embassy located in ViennaD124.1413/22 (2022-0.876.190),
In the decision of December 15, 2022, the data protection authority had to deal with the question of the extent to which an infringement of rights by an embassy of a third country located in Vienna can be asserted before the Austrian data protection authority. In its assessment, the data protection authority considered its jurisdiction… […]