On 18 September 2019, the Commission Nationale pour la Protection des Données (the "CNPD") (i.e. the Luxembourg data protection supervisory authority) published its annual activity report for 2018 and presented its key figures regarding notably information requests, complaints, data breaches, prior consultation regarding data protection impact assessments (DPIA), control, audits and on-site inspections, and sanctions. The key figures provided by the CNPD demonstrate that individuals become more aware of their rights and related obligations under the GDPR. However, the CNPD has not imposed any administrative fines so far. See more information here.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.