Enel Energie – €4,000 Fine (Romania, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Enel Energie was fined €4,000 for not protecting customer data properly, leading to a data leak. This shows that companies must have strong security measures to prevent unauthorized data access.
What happened
Enel Energie failed to protect personal data, resulting in unauthorized disclosure to another customer.
Who was affected
Customers whose personal data was accidentally shared with other customers via email.
What the authority found
The Romanian authority decided that Enel Energie did not take adequate security measures to protect personal data, violating GDPR.
Why this matters
This case emphasizes the need for companies to implement strong data security practices to prevent unauthorized access and disclosure. It serves as a reminder to regularly review and update security measures.
GDPR Articles Cited
Failure to take adequate measures to prevent unauthorised disclosure of personal data. The fine was preceded by a complaint about the disclosure of personal data of the data subject to another customer by e-mail.
Related Enforcement Actions (1)
Other enforcement actions involving Enel Energie in RO
Details
Fine Date
18 June 2020
Authority
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal
Fine Amount
€4,000
Enforcement Tracker ID
ETid-310
About this data
Cite as: Cookie Fines. Enel Energie - Romania (2020). Retrieved from cookiefines.eu
Last updated: