Enforcement
EN IRIDEX GROUP SALUBRIZARE SRL: Insufficient technical and organisational measures to ensure information security
€2,000 fine - Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
Content
The Romanian DPA has imposed a fine of EUR 2,000 on IRIDEX GROUP SALUBRIZARE SRL. The controller had sent an e-mail to customers without using the blind copy option, revealing the email addresses of all recipients to the other recipients.
GDPR Articles: Art. 32 (1) b) GDPR, Art. 32 (2), (3), (4) GDPR
Industry: Not assigned