On 25 September 2023, the Romanian DPA announced the following sanctions against local public administration authority:
a fine of LEI 10,000 (approximately EUR 2,000) for failing (i) to implement the measures previously ordered under a remedial plan and (ii) to respond to the DPA's requests;
a warning for failing (i) to inform data subjects of their rights under the GDPR and (ii) to adopt …
The Romanian DPA sanctioned one of the top energy companies in Romania and imposed the following fines:
EUR 25,000 for violation of Art. 32 para. (1) letters b) and d), and para. (2) of GDPR;
EUR 8,000 for infringement of Art. 4 para. (5) of Law no. 506/2004 (the national law implementing the ePrivacy Directive).
Following a complaint about a potential data breach that occurred on the c…
On 18 September 2023, the Romanian DPA announced a fine of EUR 1,000 against an insurance company. This decision came in response to a complaint filed by a data subject regarding the violation of his right to object to receiving marketing messages from the company through LinkedIn.
The controller did not comply with the legal provisions regarding the processing of personal data, as it did not c…
Romanian DPA case studies – our top 5 picks
1. Refusal to provide the contractual clauses which represent the safeguard for the data transfer to a third country
Case study: A data subject complained about the refusal of a financial banking institution to provide …
As we all know, “personal data” represents information related to an identified or identifiable natural person.
So how do you identify someone? By name or through an image, one would answer. But what happens when we do not know the name and the image of the person but we are able to …
On this 5th anniversary of #GDPR, we reflect on the progress made over the past five years and look towards the future of data protection.
It has been a challenging journey, requiring companies, authorities, and data subjects to keep pace with the evolving regulator…
On Tuesday, July 18, 2023, Roxana Ionescu, Partner and Co-Head of NNDKP`s Data Protection practice, was a speaker at the online debate „How to correctly apply the GDPR legislation in PR and Communication”, organized by EventsOnline.ro and the Romanian Public Relations Association (RPRA).
Together with Catalin Hosu, President, RPRA, and the moderator of the event, Roxana touched upon the importa…
Iurie Cojocaru, Partner and Co-head of the Data Protection practice, was one of the speakers in the “Chat with ChatGPT” debate, organized by Juridice.ro on March 13, 2023.
Iurie and the other guests invited to share their views on this new AI tool provided valuable insight into the data protection and privacy implications of using ChatGPT.
More details about the event and the other speak…
Roxana Ionescu, Partner and Head of NNDKP’s Data Protection practice, contributed to the works of the “GDPR – Data Privacy Observer” conference on 25 January 2023, with a presentation on how the interpretation of GDPR evolved in time and the impact this had in practice.
Ciprian Paun, Partner and Co-Head of NNDKP Cluj office, was one of the opening speakers at the conference.
The second e…