Search Privacy Fines

Browse and filter privacy enforcement fines worldwide.

← Back to Overview

Regulation

Country

Year

Min Fine (USD)

Sort

152 fines found

Total: $1.6M

Date	Company	Fine	Regulation	Authority	Country	Type	Summary
2019-09-26	Inteligo Media SA	€9K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) a) GDPR, Art. 6 (1) a) GDPR
2022-09-08	Realmedia Network SA	€8K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information	-- Articles: Art. 32 (1) b) GDPR, Art. 32 (2) GDPR
2022-06-20	Asociația de Proprietari Aviației Park	€7K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to comply with data processing principles	-- Articles: Art. 5 (1) a), c), e) GDPR, Art. 5 (2) GDPR, Art. 6 GDPR
2022-08-09	CDI Transport Intern și Internațional SRL	€7K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with subjects' rights protection safeguards	-- Articles: Art. 12 (1) GDPR, Art. 58 (1) a), e) GDPR
2020-01-14	SC Enel Energie S.A.	€6K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with lawful basis for data processing	The fine was issued after a complaint alleging that Enel Energie had processed a... The fine was issued after a complaint alleging that Enel Energie had processed an individual’s personal data and that the natural gas and electricity company was unable to prove it obtained the individual’s consent to send email notifications. The national data protection authority also explained that the company had not taken the required measures to stop the transmission of the email notifications even after the affected person had made a request to this end. The company was fined two times €3,000. Articles: Art. 5 GDPR, Art. 6 GDPR, Art. 7 GDPR, Art. 21 GDPR
2019-12-16	SC Enel Energie S.A.	€6K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 GDPR, Art. 6 GDPR, Art. 7 GDPR, Art. 21 GDPR
2021-10-21	Glove Technology SRL	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) a) GDPR, Art. 6 (1) a) GDPR
2021-11-01	S.P.E.E.H. Hidroelectrica S.A.	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 (1) b), (2) GDPR
2019-12-13	Entirely Shipping & Trading S.R.L.	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) GDPR, Art. 6 GDPR, Art. 7 GDPR, Art. 9 GDPR
2019-12-13	Entirely Shipping & Trading S.R.L.	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with lawful basis for data processing	A second fine was issued to the company for the unlawful processing of employee ... A second fine was issued to the company for the unlawful processing of employee biometric data (fingerprints). The processing of biometric data allegedly was necessary to give employees access to certain rooms. The national DPA argued that this was too excessive. Articles: Art. 5 (1) GDPR, Art. 6 GDPR, Art. 7 GDPR, Art. 9 GDPR
2023-03-23	Tehnoplus Industry SRL	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to comply with data processing principles	-- Articles: Art. 5 (1) a), c), e) GDPR, Art. 5 (2) GDPR, Art. 6 GDPR
2020-07-27	SC Cntar Tarom SA	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 GDPR
2023-02-08	Medijobs Platform SRL	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 (1) b), (2) GDPR
2019-12-13	Entirely Shipping & Trading S.R.L.	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with lawful basis for data processing	The company installed video surveillance in order to monitor employee activity. ... The company installed video surveillance in order to monitor employee activity. The problem arose from the fact that some cameras were installed in the locker rooms where the staff kept their spare clothes and regularly used to get dressed and undressed. Articles: Art. 5 (1) GDPR, Art. 6 GDPR, Art. 7 GDPR
2020-11-24	Dada Creation S.R.L.	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 GDPR, Art. 33 GDPR
2019-12-13	Entirely Shipping & Trading S.R.L.	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with lawful basis for data processing	-- Articles: Art. 5 (1) GDPR, Art. 6 GDPR, Art. 7 GDPR
2020-05-05	Banca Comercială Română SA	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 GDPR
2022-05-24	Med Life SA	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 (1) b), (2), (4) GDPR
2022-05-18	Kredyt Inkaso Investments RO S.A.	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to comply with data processing principles	-- Articles: Art. 5 GDPR, Art. 6 GDPR, Art. 9 GDPR, Art. 33 GDPR
2022-09-21	Curtea Veche Publishing SRL	€5K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 (1) b), c) GDPR, Art. 32 (2) GDPR
2020-03-25	Vodafone Romania	€4K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	Vodafone Romania sent an e-mail containing personal data of a client to another ... Vodafone Romania sent an e-mail containing personal data of a client to another unrelated client, thus breaking privacy conventions. They had improper organizational and security measures in effect at that time. Articles: Art. 32 GDPR
2020-03-25	Vodafone Romania	€4K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 GDPR
2020-11-23	Vodafone România SA	€4K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Non-compliance with subjects' rights protection safeguards	-- Articles: Art. 12 GDPR, Art. 15 GDPR, Art. 17 GDPR
2023-03-15	Partidul Uniunea Salvați România	€4K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 (1) a) GDPR, Art. 32 (2) GDPR
2020-06-18	Enel Energie	€4K	GDPR	Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)	Romania	Failure to implement sufficient measures to ensure information security	-- Articles: Art. 32 GDPR

PreviousPage 2 of 7Next