Roumasport SRL – €10,184 Fine (Romania, 2025)

€10,184Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal30 December 2025Romania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Roumasport SRL was fined for not protecting customer data properly, leading to repeated data breaches. The Romanian data protection authority found that the company failed to implement necessary security measures. This case serves as a reminder for businesses to prioritize data security to avoid costly penalties.

What happened

Roumasport SRL failed to implement adequate security measures, resulting in data breaches affecting customers.

Who was affected

The customers of Roumasport SRL were affected by the data breaches.

What the authority found

The Romanian data protection authority fined Roumasport SRL for not ensuring sufficient security for personal data.

Why this matters

This fine illustrates the need for companies to take data security seriously. Small businesses should regularly review their security practices to protect customer information and avoid fines.

GDPR Articles Cited

AI-verified

Art. 24(1) GDPR
Art. 32(1)(b) GDPR
Art. 32(2) GDPR
View original scraped data
Art. 24(1) GDPR
Art. 32(1)(b) GDPR
Art. 32(2) GDPR

Original data from scraper before AI verification against source document.

Source verified 14 March 2026
amount discrepancy
Romania enforcementAutoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal actionsAll Roumasport SRL actions
Full Legal Summary
Detailed

Roumasport SRL (the controller) notified the Romanian DPA (ANSPDCP) of repeated data breaches affecting a significant number of its customers. Consequently, the DPA launched an investigation into the controller. The DPA found that the controller failed to implement appropriate technical and organisational measures to ensure that the level of security corresponded to the risk posed by the personal data processing. Therefore, the DPA issued a fine of RON 50,920 (€10,000) to the controller for violations of Article 32(1)(b) GDPR, Article 32(2) GDPR and Article 24(1) GDPR.

Related Enforcement Actions (0)

No other enforcement actions found for Roumasport SRL in RO

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

30 December 2025

Authority

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Fine Amount

€10,184

50,920 RON

GDPRhub ID

gdprhub-9719

Sources

About this data

Data: GDPRhub (noyb.eu)
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Roumasport SRL - Romania (2025). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: