Telekom Romania Communications SA – €6,000 Fine (Romania, 2021)

€6,000Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal6 December 2021Romania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Telekom Romania was fined €6,000 for mistakenly sending a customer's personal data to the wrong email address and failing to delete it upon request. This case shows how important it is for companies to handle personal data carefully and respect deletion requests. Businesses should ensure they have accurate data handling processes to avoid similar fines.

What happened

Telekom Romania sent invoices and messages meant for one person to another person's email address.

Who was affected

The person whose email address received another customer's payment information.

What the authority found

The Romanian DPA fined Telekom Romania for failing to ensure data accuracy and not complying with a deletion request.

Why this matters

This fine underscores the importance of accurate data processing and respecting user requests for data deletion. Companies should review their data management practices to prevent unauthorized disclosures.

GDPR Articles Cited

Art. 17(GDPR)
Art. 5(1)(d) GDPR
Art. 5(2) GDPR
Romania enforcementAutoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal actionsAll Telekom Romania Communications SA actions
Full Legal Summary
Detailed

The Romanian DPA (ANSPDCP) imposed a fine of EUR 6,000 on Telekom Romania Communications SA. A data subject had complained that the controller had sent invoices and messages to his email address informing him of another person's payment arrears. During the investigation, the DPA found that the controller had collected and processed certain personal data in error, resulting in the unlawful disclosure of the personal data. At the same time, the DPA found that the controller had not taken the necessary measures to comply with the data subject's request for deletion of his personal data. The fine is composed proportionally EUR 5,000 for a breach of Art. 5 (1) d), f) GDPR, Art. 5 (2) GDPR and EUR 1,000 for a breach of Art. 17 GDPR.

Related Enforcement Actions (2)

Other enforcement actions involving Telekom Romania Communications SA in RO

Fine
Apr 2020· Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

The company had not taken sufficient technical and organizational measures to ensure the accuracy of personal data transmitted by telephone for the co...

€3K
Fine
May 2021· Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

The Romanian DPA (ANSPDCP) has imposed a fine of EUR 2,000 on Telekom Romania Communications SA. The controller had made an advertising call to the da...

€2K
Current
Dec 2021

Fine

€6K

Details

Fine Date

6 December 2021

Authority

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Fine Amount

€6,000

Enforcement Tracker ID

ETid-977

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Telekom Romania Communications SA - Romania (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: