Sanatatea Press Group S.R.L. – €2,000 Fine (Romania, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Sanatatea Press Group S.R.L. was fined for mistakenly sending login details of 1,300 participants to the wrong email addresses. This incident matters because it shows how easily personal information can be exposed, and companies must take data security seriously. Businesses should improve their data handling practices to protect user information.
What happened
Sanatatea Press Group S.R.L. accidentally disclosed personal data by sending login information to incorrect email addresses.
Who was affected
1,300 participants of an online event organized by Sanatatea Press Group S.R.L. were affected.
What the authority found
The Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal found that Sanatatea Press Group S.R.L. breached data protection rules by failing to secure personal data.
Why this matters
This case serves as a warning for companies to prioritize data security and ensure proper protocols are in place to prevent unauthorized disclosures. It highlights the potential risks of mishandling personal information.
GDPR Articles Cited
In the context of an online event that it was organising, the data controller erroneously sent the login data of 1300 participants to other email addresses than the ones that the users had created their accounts with. The data breach led to the unauthorised disclosure of the names and email addresses of the data subjects. The data controller notified the ANSPDCP of the data breach, which triggered the DPA's investigation. Therefore, there was no dispute with regards to the presence of a security incident. The DPA held that the controller had breached its obligations under Articles 5(1)(f), as well as 32(1) and (2). As a consequence, the ANSPDCP issued an administrative fine of €2000 against Sanatatea Press Group S.R.L.
Related Enforcement Actions (0)
No other enforcement actions found for Sanatatea Press Group S.R.L. in RO
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
12 August 2020
Authority
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal
Fine Amount
€2,000
Enforcement Tracker ID
ETid-401
GDPRhub ID
gdprhub-2685About this data
Cite as: Cookie Fines. Sanatatea Press Group S.R.L. - Romania (2020). Retrieved from cookiefines.eu
Last updated: