IN THE SPOTLIGHT
EDPB Guidelines on the calculation of administrative fines under the GDPR are now available for public consultation
On 16 May 2022, the European Data Protection Board (“EDPB“) published on its website the first version of Guidelines on the calculation of administrative fines under the GDPR, adopted during the May ’…
The Romanian DPA issues EUR 1,000 fine for failure to ensure security of CCTV images
On 12 May 2022, the Romanian DPA announced it sanctioned a company acting as a processor with a EUR 1,000 fine for failure to ensure confidentiality of the images captured following the use of CCTV sy…
The Romanian DPA issues EUR 4,000 fine for unlawfully installing workplace monitoring systems
On 4 May 2022, the Romanian DPA announced it sanctioned a non-bank financial institution with a EUR 4,000 fine for audio-video monitoring of its employees in breach of Articles 5 and 6 of the GDPR. …
The Romanian DPA issues EUR 4,000 fine for failure to provide the information requested during a direct marketing investigation
On 3 May 2022, the Romanian DPA announced it sanctioned a retail company with a EUR 4,000 fine for not providing the DPA with the information requested during a direct marketing investigation. The …
CJEU judgment holds that consumer protection associations have a right to file lawsuits over infringements of personal data protection
On 28 April 2022, the Court of Justice of the European Union (“CJEU”) delivered its judgment in Case C-319/20 Meta Platforms Ireland Limited v. Bundesverband der Verbraucherzentralen und Verbraucherve…
The Romanian DPA fines major retailer for failure to ensure right to erasure
On 18 April 2022, the Romanian DPA announced that it sanctioned a major retailer with a EUR 1,000 fine for failure to ensure the right to erasure. Additionally, the DPA has required that the controlle…