Compania Națională Poșta Română S.A. – €5,000 Fine (Romania, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Romania's data protection authority fined the Romanian Post EUR 5,000 for processing employee data without a valid reason. This matters because it highlights the need for companies to have a clear legal basis when handling personal data. Businesses should ensure they comply with data protection rules to avoid penalties.
What happened
The Romanian Post processed employee personal data without a valid legal basis.
Who was affected
Employees of the Romanian Post whose personal data was processed.
What the authority found
The Romanian DPA found that the Romanian Post violated GDPR by not having a valid legal basis for processing employee data.
Why this matters
This case underscores the importance of having a legal basis for data processing. Companies should review their data handling practices to ensure compliance with GDPR requirements.
GDPR Articles Cited
The Romanian DPA has imposed a fine of EUR 5,000 on the Romanian Post (Compania Națională Poșta Română S.A.). During its investigation, the DPA found that the controller had processed personal data of employees without a valid legal basis.
Related Enforcement Actions (0)
No other enforcement actions found for Compania Națională Poșta Română S.A. in RO
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
16 May 2023
Authority
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal
Fine Amount
€5,000
Enforcement Tracker ID
ETid-1848
About this data
Cite as: Cookie Fines. Compania Națională Poșta Română S.A. - Romania (2023). Retrieved from cookiefines.eu
Last updated: