IN THE SPOTLIGHT
The Romanian DPA sanctions a major retailer with 1,000 EUR for failure to ensure the erasure of data
On 18 January 2023, the Romanian DPA announced it sanctioned a major retailer with a 1,000 EUR fine for failure to erase a data subject’s personal data after exercising the right of erasure under the …
Logistics network fined 2,000 EUR by the Romanian DPA for failing to ensure the security of processing
On 12 January 2023, the Romanian DPA announced it sanctioned a logistics network with a 2,000 EUR fine for failure to ensure the security of processing. The investigation was finalized in December …
CJEU judgment on data subjects’ access right (degree of detail regarding recipients)
On 12 January 2023, the Court of Justice of the European Union (CJEU) delivered its ruling in Case C-154/21 (RW vs Österreichische Post AG) holding that, when exercising their right of access under th…
Meta fined with €390 million for breaches of the lawfulness and transparency requirements
On 4 January 2023, the Data Protection Commission (DPC) announced that it has issued fines amounting to a total of €390 million against Meta Platforms Ireland Limited (Meta). A €210 million fine was i…
Water and sewage services provider fined EUR 3,000 by the Romanian DPA for unlawfully disclosing e-mail addresses
On 4 January 2023, the Romanian DPA announced it sanctioned a water and sewage services provider with a EUR 3,000 fine for failing to implement adequate technical and organizational measures to ensure…
The Romanian DPA fines a major hypermarket chain for failure to ensure security of processing
On 27 December 2022, the Romanian DPA announced it sanctioned a major hypermarket chain with a 3,000 EUR fine for failure to ensure security of processing, including not ensuring that any natural pers…