Search Privacy Fines
Browse and filter privacy enforcement fines worldwide.
152 fines found
Total: $1.6M
| Date | Company | Fine | Regulation | Authority | Country | Type | Summary |
|---|---|---|---|---|---|---|---|
| 2022-05-03 | Megareduceri TV S.R.L. | €4K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Non-cooperation with Data Protection Authority | --Articles: Art. 58 (1) GDPR |
| 2023-03-15 | Partidul Uniunea Salvați România | €4K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 32 (1) a) GDPR, Art. 32 (2) GDPR |
| 2022-05-04 | Concordia Capital IFN S.A. | €4K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to comply with data processing principles | --Articles: Art. 5 GDPR, Art. 6 GDPR |
| 2020-03-25 | Enel Energie | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | Enel Energie sent a client an email that contained the personal information of a...Enel Energie sent a client an email that contained the personal information of another client, failing to employ the necessary organizational and technical measures. Articles: Art. 32 GDPR |
| 2020-03-25 | eMag - Dante International | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Non-compliance with lawful basis for data processing | The company in question, Dante International, failed to observe the right of a c...The company in question, Dante International, failed to observe the right of a customer to unsubscribe from commercial communications and sent a commercial e-mail to the client in spite of that. Articles: Art. 6 GDPR, Art. 21 GDPR |
| 2023-03-06 | Integral Collection SRL | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 32 (1) b), c) GDPR, Art. 32 (2) GDPR |
| 2021-08-24 | Actamedica SRL | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 28 (1) GDPR, Art. 32 GDPR, Art. 33 GDPR |
| 2019-07-05 | Legal Company & Tax Hub SRL | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | The company had not imposed sufficient security measures, which led to the unaut...The company had not imposed sufficient security measures, which led to the unauthorized access of personal information related to the people who had made transactions with the website avocatoo.ro. This information includes names, emails, phone numbers, jobs, surnames, mailing addresses, and transaction details). Documents dated 10th of November 2018 – 1st of February 2019 had become publicly accessible to anyone. The company was sanctioned following a notification by the National Supervisory Authority when transaction details were publicly accessible via two links. Articles: Art. 32 GDPR |
| 2020-04-23 | Telekom Romania Communications SA | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 32 GDPR |
| 2022-11-25 | OTP Leasing Romania IFN SA | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 25 (1) GDPR, Art. 32 (1) b) GDPR, Art. 32 (2) GDPR |
| 2020-04-23 | Estee Lauder Romania | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to comply with data processing principles | --Articles: Art. 6 GDPR, Art. 7 GDPR, Art. 9 GDPR |
| 2022-12-27 | Kaufland Romania SCS | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 29 GDPR, Art. 32 (1) b) GDPR, Art. 32 (2), (4) GDPR |
| 2020-02-11 | Vodafone Romania | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to comply with data processing principles | Vodafone Romania employed weak and insufficient security measures, which led to ...Vodafone Romania employed weak and insufficient security measures, which led to an event of erroneous data processing. When an individual issued a complaint, the company incorrectly processed the client’s data and sent it to a wrong e-mail address. Articles: Art. 5 (1) f) GDPR, Art. 32 GDPR |
| 2019-07-05 | Legal Company & Tax Hub SRL | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 32 GDPR |
| 2020-10-15 | S.C. Marsorom S.R.L. | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 32 GDPR |
| 2020-10-01 | Megareduceri TV S.R.L. | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to comply with Data Processing Authority's orders | --Articles: Art. 31 GDPR, Art. 58 GDPR |
| 2020-12-30 | ING Bank | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Non-compliance with lawful basis for data processing | --Articles: Art. 5 (1) a)-d) GDPR, Art. 6 (1) GDPR |
| 2019-11-26 | Modern Barber | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Non-cooperation with Data Protection Authority | The company did not comply with measures imposed by the Data Protection Authorit...The company did not comply with measures imposed by the Data Protection Authority. Articles: Art. 58 GDPR |
| 2020-03-25 | Enel Energie | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 32 GDPR |
| 2023-03-14 | Tinmar Energy SA | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 32 (1) b) GDPR, Art. 32 (2) GDPR |
| 2023-03-16 | Med Life S.A. | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 32 (1) b) GDPR, Art. 32 (2) GDPR, Art. 32 (4) GDPR |
| 2020-06-11 | Telekom Romania | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to implement sufficient measures to ensure information security | --Articles: Art. 32 GDPR |
| 2020-03-25 | eMag - Dante International | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Non-compliance with lawful basis for data processing | --Articles: Art. 6 GDPR, Art. 21 GDPR |
| 2020-02-11 | Vodafone Romania | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Failure to comply with data processing principles | --Articles: Art. 5 (1) f) GDPR, Art. 32 GDPR |
| 2019-11-26 | Modern Barber | €3K | GDPR | Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Romania | Non-cooperation with Data Protection Authority | --Articles: Art. 58 GDPR |