Skip to content
Enforcement
EN

Apă Canal Ilfov SA: Insufficient technical and organisational measures to ensure information security

€3,000 fine - Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

€3,000 Fine
Apă Canal Ilfov SA
ROMANIA
Insufficient technical and organisational measures to ensure information security

Content

The Romanian DPA has imposed a fine of EUR 3,000 on Apă Canal Ilfov SA. The controller sent an e-mail with personal data to several recipients in an open distribution list. This made it possible for the recipients to view the e-mail addresses of all other recipients.

GDPR Articles: Art. 32 (1) b) GDPR, Art. 32 (2) GDPR, Art. 32 (4) GDPR
Industry: Industry and Commerce