The Romanian DPA fines a controller EUR 3,000 for failure to provide the information requested during an investigation

06.06.2023

On 6 June 2023, the Romanian DPA announced a fine of EUR 3,000 for a controller in the beauty salon industry for failure to provide the information requested by the DPA during an investigation.

The investigation was initiated following a complaint lodged by a data subject who claimed that the controller was sending unsolicited SMS messages although the data subject had repeatedly exercised the right to erasure under the GDPR.

Thus, it was held that the controller breached the provisions of Article 83 (5) (e) GDPR for not providing the information requested by the DPA representatives.

The press release is available here (only in Romanian).

Tags:DPADPA investigationFailure to provide requested informationGDPR fineNon-compliance with DPA requestRight to erasureUpdate

-                                        Number of fines
-                                        Highest fine
+,000 €
-                                        Lowest fine
+€
-                                        Total amount of fines
+,000 €
-                                        Number of corrective measures
-                                        Number of fines triggered by data breach notifications
-                                        Number of fines triggered by complaints
-                                        Legal provisions mentioned in press releases
+                                        Article 24 (1), Article 32 (1) b), d), (2) of GDPR, Article 18 (2) of Law 102/2005

Dismissal of the data protection officer

Minimum data protection checklist on future law on whistleblowing protection

Introducing NIS 2 – main things to know and follow

Iurie Cojocaru

Partner, Head of the Data Protection practice

Roxana Ionescu

(1981-2023)

Statistics

Subscribe to NNDKP’s newsletters

Statistics

More In the spotlight

Statistics

Subscribe to NNDKP’s newsletters