Enel Energie – €3,000 Fine (Romania, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Enel Energie was fined by Romania's data protection authority for sending an email that mistakenly included another client's personal data. This highlights the need for companies to have strong security measures to protect customer information.
What happened
Enel Energie sent an email containing personal data of one client to another client due to inadequate security measures.
Who was affected
Clients of Enel Energie who were affected by the accidental sharing of personal data via email.
What the authority found
The authority fined Enel Energie for not having adequate technical and organizational measures to ensure information security.
Why this matters
This case emphasizes the need for companies to implement robust security practices to prevent data breaches. It serves as a reminder to review and strengthen data protection measures regularly.
GDPR Articles Cited
The company has sent an email to a client which contained personal data of another client since the company failed to implement adequate technical and organisational measures to ensure an adequate level of information security.
Related Enforcement Actions (1)
Other enforcement actions involving Enel Energie in RO
Details
Fine Date
25 March 2020
Authority
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal
Fine Amount
€3,000
Enforcement Tracker ID
ETid-262
About this data
Cite as: Cookie Fines. Enel Energie - Romania (2020). Retrieved from cookiefines.eu
Last updated: