Website operator – €200 Fine (Romania, 2021)

€200Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal14 May 2021Romania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

A Romanian website operator was fined EUR 200 for not properly informing users about data collection during the COVID-19 pandemic. The site collected personal details like names and addresses but failed to show it was done lawfully or securely. This case emphasizes the need for transparency and security in data handling.

What happened

The website collected personal data without proving lawful processing or informing users adequately.

Who was affected

Visitors to the website who filled out forms to leave their residence during the pandemic.

What the authority found

The Romanian data protection authority found the website operator did not lawfully process data or sufficiently inform users, violating GDPR rules.

Why this matters

This case highlights the importance of transparency and security in data collection. Website operators should ensure they have clear consent and robust security measures to protect user data.

GDPR Articles Cited

Art. 5(1)(a) GDPR
Art. 6(1) GDPR
Art. 13(1) GDPR
Art. 32(2) GDPR
Romania enforcementAutoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal actionsAll Website operator actions
Full Legal Summary
Detailed

The Romanian DPA (ANSPDCP) has imposed a fine of EUR 200 on the operator of the website declaratieppr.ro. During the Covid19 pandemic, visitors to the site were able to fill out a form that was required to leave their place of residence. Personal data such as name, address and ID number were collected for this purpose. However, the controller was unable to prove that it was processing the data lawfully. In addition, the controller had not sufficiently informed the data subjects about the processing of the data when collecting their personal data and had not implemented sufficient technical and organizational measures to ensure the security of the data processing.

Related Enforcement Actions (1)

Other enforcement actions involving Website operator in RO

Current
May 2021

Fine

€200

Fine
Oct 2022· Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

The Romanian DPA has imposed a fine of EUR 150 on a website operator. The controller had published unauthorized personal data such as telephone number...

€150

Details

Fine Date

14 May 2021

Authority

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Fine Amount

€200

Enforcement Tracker ID

ETid-675

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Website operator - Romania (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: