🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
340 decisions · €2.3M total fines · ROMANIA →
| Date ↓ | Company / party | Authority | Articles | Fine |
|---|---|---|---|---|
| 2025-03-25 | NTT DATA ROMANIA S.A. Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 32Art. 33 | €25,000 |
| 2025-03-21 | Bucharest Down Town Hotel SRL Insufficient fulfilment of data subjects rights | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 12Art. 13Art. 15 | €1,000 |
| 2025-03-20 | ONE UNITED PROPERTIES S.A Insufficient legal basis for data processing | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 6Art. 12Art. 15Art. 17 | €2,000 |
| 2025-03-12 | Automobilus International S.R.L. Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 32 | €5,000 |
| 2025-03-11 | Noy Business Tranzactions SRL Insufficient fulfilment of data subjects rights | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 12Art. 15Art. 17 | €1,000 |
| 2025-03-06 | SHOPBAG GROUP ONLINE SRL Insufficient cooperation with supervisory authority | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 58 | €2,000 |
| 2025-03-04 | WEBRASOFT SRL Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 32 | €20,000 |
| 2025-03-03 | BEKO ROMANIA SA Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 32 | €10,000 |
| 2025-02-27 | Velvet Medical SRL Insufficient fulfilment of data subjects rights | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 12Art. 15 | €1,000 |
| 2025-02-20 | Medstar S.R.L. Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 32 | €2,000 |
| 2025-02-17 | Meedea Construct Prest SRL Insufficient legal basis for data processing | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 5Art. 6Art. 9 | €2,000 |
| 2025-02-10 | PPC Energie Muntenia SA Insufficient legal basis for data processing | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 5Art. 6Art. 12Art. 15 | €3,000 |
| 2025-02-06 | Omniasig Vienna Insurance Group S.A. Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 32 | €3,000 |
| 2025-02-05 | FARMEC SA Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 25Art. 32 | €5,000 |
| 2025-02-04 | V&M Contab & Management SRL Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 32Art. 58 | €10,000 |
| 2025-02-03 | Unicredit Bank SA Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 25 | €15,000 |
| 2025-01-31 | S.P.E.E.H. HIDROELECTRICA S.A Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 25 | €15,000 |
| 2025-01-27 | Orange Romania SA Non-compliance with general data processing principles | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 5Art. 6Art. 7Art. 12 | €40,000 |
| 2025-01-23 | Softehnica S.R.L. Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 32 | €5,000 |
| 2025-01-20 | Vodafone Romania S.A. Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 32 | €15,000 |
| 2025-01-17 | DELIVERY SOLUTIONS S.A. Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 32 | €2,000 |
| 2025-01-03 | Unirea Medical Center S.R.L. Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 24Art. 32 | €2,000 |
| 2024-11-04 | Blackcab Systems SRL Insufficient fulfilment of data subjects rights | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 12Art. 15 | €1,000 |
| 2024-10-30 | Untold SRL Insufficient fulfilment of data subjects rights | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 12Art. 15Art. 17 | €15,000 |
| 2024-10-28 | Vodafone Romania S.A. Insufficient technical and organisational measures to ensure information security | 🇪🇺 Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) | Art. 32 | €5,000 |