IN THE SPOTLIGHT

AdobeStock_248475500 Green Blue-01

Local authority fined approx. EUR 2,000 by the Romanian DPA for several GDPR violations in the context of video surveillance

On 25 September 2023, the Romanian DPA announced the following sanctions against local public administration authority: a fine of LEI 10,000 (approximately EUR 2,000) for failing (i) to implement the measures previously ordered under a remedial plan and (ii) to respond to the DPA's requests; a warning for failing (i) to inform data subjects of their rights under the GDPR and (ii) to adopt …
Cybersecurity and digital data protection technology concept background image. Small padlock binary polygons that act as interconnects. dark blue background.

New sanctions for cookies non-compliance and data breach against one of the top energy companies in Romania

The Romanian DPA sanctioned one of the top energy companies in Romania and imposed the following fines: EUR 25,000 for violation of Art. 32 para. (1) letters b) and d), and para. (2) of GDPR; EUR 8,000 for infringement of Art. 4 para. (5) of Law no. 506/2004 (the national law implementing the ePrivacy Directive). Following a complaint about a potential data breach that occurred on the c…
AdobeStock_242262576

LinkedIn Marketing Missteps: The Romanian DPA sanctions insurance company for not respecting the right to object to direct marketing

On 18 September 2023, the Romanian DPA announced a fine of EUR 1,000 against an insurance company. This decision came in response to a complaint filed by a data subject regarding the violation of his right to object to receiving marketing messages from the company through LinkedIn. The controller did not comply with the legal provisions regarding the processing of personal data, as it did not c…

ARTICLES

AdobeStock_235934934 [Converted]

Romanian DPA Report – A Year in Review – 2022

Author: Iurie Cojocaru, Oxana Gorgan
  Romanian DPA case studies – our top 5 picks 1. Refusal to provide the contractual clauses which represent the safeguard for the data transfer to a third country Case study: A data subject complained about the refusal of a financial banking institution to provide …
This technology-inspired data abstract background is perfect for capturing the essence of the internet's vast expanse of information.

What are the personal data? A new CJEU case may settle things in a long dispute

Author: Iurie Cojocaru
As we all know, “personal data” represents information related to an identified or identifiable natural person. So how do you identify someone? By name or through an image, one would answer. But what happens when we do not know the name and the image of the person but we are able to …

Speaking engagements

Abstract Circuit board. Electronic computer hardware technology.

Roxana Ionescu – speaker at the online debate How to correctly apply the GDPR legislation in PR and Communication”

On Tuesday, July 18, 2023, Roxana Ionescu, Partner and Co-Head of NNDKP`s Data Protection practice, was a speaker at the online debate „How to correctly apply the GDPR legislation in PR and Communication”, organized by EventsOnline.ro and the Romanian Public Relations Association (RPRA). Together with Catalin Hosu, President, RPRA, and the moderator of the event, Roxana touched upon the importa…
Abstract Circuit board. Electronic computer hardware technology.

Iurie Cojocaru – Speaker at the “Chat with ChatGPT” debate

Iurie Cojocaru, Partner and Co-head of the Data Protection practice, was one of the speakers in the “Chat with ChatGPT” debate, organized by Juridice.ro on March 13, 2023. Iurie and the other guests invited to share their views on this new AI tool provided valuable insight into the data protection and privacy implications of using ChatGPT. More details about the event and the other speak…
AdobeStock_242262576

Roxana Ionescu – speaker at the “GDPR – Data Privacy Observer” conference and recipient of the Excellence Award at the event gala

Roxana Ionescu, Partner and Head of NNDKP’s Data Protection practice, contributed to the works of the “GDPR – Data Privacy Observer” conference on 25 January 2023, with a presentation on how the interpretation of GDPR evolved in time and the impact this had in practice. Ciprian Paun, Partner and Co-Head of NNDKP Cluj office, was one of the opening speakers at the conference. The second e…

Statistics