Hora Credit IFN SA

€14K($15K USD)final

Date Issued

2019-12-10

Regulation

GDPR

Authority

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

Country

Romania

Violation Type

Non-compliance with lawful basis for data processing

Currency

EUR

Violation Summary

Three fined were issued on Hora Credit IFN SA because personal data of an individual was transmitted through email to a third party. The following investigation revealed that the company processed personal data without any means to validate the accuracy and authenticity of the data collected and processed. The operator also did not employ enough technical and organizational measures to protect the collected personal data. The case was made worse by the fact that the company did not notify the ANSPDCP after the data breach was discovered, as required by the law. The three fined issued were of €3,000, €10,000 and €1,000 for all the three issues of non-compliance discovered by the ANSPDCP.

Articles Violated

Art. 5 GDPRArt. 25 GDPRArt. 32 GDPRArt. 33 GDPR

View Source Document →

Other Fines for Hora Credit IFN SA

Date	Regulation	Amount (USD)	Type
2019-12-10	GDPR	$15,120	Non-compliance with lawful basis for data processing