Natural Person – €10,000 Fine (Romania, 2026)

€10,000Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal30 January 2026Romania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Romanian DPA has imposed a fine of EUR 10,000 on a natural person. The controller operated a website on which identity cards containing personal data, including special category data, possible criminal convictions, data on the intimate lives of data subjects and possible debts, were published. The processing of this data was not based on a sufficient legal basis, and the controller did not ensure that the data was correct, complete or transparent. Furthermore, the controller did not adequately respond to requests by data subjects to delete their data. Furthermore, the DPA found that the controller did not provide the necessary information on its website, nor did it respond to requests from the DPA.

GDPR Articles Cited

Art. 5 GDPR
Art. 6 GDPR
Art. 9 GDPR
Art. 10 GDPR
Art. 13 GDPR
Art. 14 GDPR
Art. 12(3) GDPR
Art. 17(1) GDPR
Art. 58(1) GDPR
Romania enforcementAutoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal actionsAll Natural Person actions
Full Legal Summary

The Romanian DPA has imposed a fine of EUR 10,000 on a natural person. The controller operated a website on which identity cards containing personal data, including special category data, possible criminal convictions, data on the intimate lives of data subjects and possible debts, were published. The processing of this data was not based on a sufficient legal basis, and the controller did not ensure that the data was correct, complete or transparent. Furthermore, the controller did not adequately respond to requests by data subjects to delete their data. Furthermore, the DPA found that the controller did not provide the necessary information on its website, nor did it respond to requests from the DPA.

Related Enforcement Actions (1)

Other enforcement actions involving Natural Person in RO

Fine
Feb 2021· Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

The Romanian DPA (ANSPDCP) started an investigation after receiving a complaint against an individual who held the office of Secretary-General in a su...

€500
Current
Jan 2026

Fine

€10K

Details

Fine Date

30 January 2026

Authority

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Fine Amount

€10,000

Enforcement Tracker ID

ETid-3014

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Natural Person - Romania (2026). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: