Vodafone România S.A. – €4,000 Fine (Romania, 2020)

€4,000Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal4 November 2020Romania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Vodafone România failed to prove it had responded to customer requests to access or delete their data. The company was fined because it couldn't show it fulfilled these requests, highlighting the need for businesses to handle data requests properly. This case emphasizes the importance of transparency and responsiveness in data management.

What happened

Vodafone România could not demonstrate compliance with customer requests for data access and deletion.

Who was affected

The affected individuals were customers who requested access to or deletion of their personal data.

What the authority found

The Romanian data protection authority fined Vodafone for not proving it had responded to data access and deletion requests, violating GDPR requirements.

Why this matters

This ruling highlights the necessity for companies to be transparent and responsive to customer data requests. It serves as a lesson for businesses to maintain clear records of how they handle such requests to avoid fines.

GDPR Articles Cited

Art. 12 GDPR
Art. 15 GDPR
Art. 17 GDPR
Romania enforcementAutoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal actionsAll Vodafone România S.A. actions
Full Legal Summary
Detailed

The ANSPDCP conducted an investigation into Vodafone România S.A. and found that the controller could not demonstrate compliance and prove that it had fulfilled access and deletion requests. Did the controller facilitate and fulfill the rights of data subjects enshrined in Articles 12, 15, and 17 GDPR? The ANSPDCP held that the controller failed to meet its obligations, as it could not prove that it had replied to or complied with the requests from data subject. The DPA therefore fined Vodafone €4000 for breaching Articles 12, 15, and 17 GDPR. Furthermore, the DPA imposed the corrective measure of ordering the controller to adequately respond to the data subject who submitted the requests.

Related Enforcement Actions (0)

No other enforcement actions found for Vodafone România S.A. in RO

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

4 November 2020

Authority

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Fine Amount

€4,000

GDPRhub ID

gdprhub-2900

Sources

About this data

Data: GDPRhub (noyb.eu)
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Vodafone România S.A. - Romania (2020). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: