Private Individual – €200 Fine (Romania, 2021)

€200Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal30 July 2021Romania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

A Romanian individual was fined for sharing personal data without permission. They posted sensitive information, like salary details and a child's enrollment file, on Facebook and in local homes. This case highlights the importance of having a legal reason to share personal information.

What happened

A private individual unlawfully disclosed personal data by distributing materials in homes and posting on Facebook.

Who was affected

Individuals whose salary details and a child's enrollment information were shared without consent.

What the authority found

The Romanian DPA found the individual processed data without a legal basis and failed to inform people about the data use.

Why this matters

This case serves as a reminder that individuals must have a valid reason to share others' personal data. It emphasizes the need for transparency and legal compliance when handling personal information.

GDPR Articles Cited

Art. 5(1)(a) GDPR
Art. 6(1) GDPR
Art. 14(1) GDPR
Romania enforcementAutoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal actionsAll Private Individual actions
Full Legal Summary
Detailed

The Romanian DPA (ANSPDCP) has imposed a fine of EUR 200 on a private individual due to the unlawful disclosure of personal data. The controller had disclosed personal data of several individuals by distributing some materials in households of the municipality and through posts on his personal Facebook account. This involved, on the one hand, a photo of a salary statement of the data subject, whereby, among other things, the surname, first name, place of work and salary could be extracted. The other was a photo of a file from the register of children enrolled in the kindergarten of the municipality, whereby personal data of a minor child were disclosed. The DPA found that the controller had processed the data without a legal basis and had not informed the data subjects about the processing of their data.

Related Enforcement Actions (0)

No other enforcement actions found for Private Individual in RO

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

30 July 2021

Authority

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Fine Amount

€200

Enforcement Tracker ID

ETid-787

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Private Individual - Romania (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: