Skip to content
Enforcement
EN

Vodafone Romania S.A.: Insufficient technical and organisational measures to ensure information security

€5,000 fine - Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

€5,000 Fine
Vodafone Romania S.A.
ROMANIA
Insufficient technical and organisational measures to ensure information security

Content

The Romanian DPA fined Vodafone Romania S.A. EUR 5,000 for sending emails to different recipients without including them in the blind carbon copy (BCC) list. This resulted in the unauthorized disclosure of email addresses to other recipients.

GDPR Articles: Art. 32 GDPR
Industry: Media, Telecoms and Broadcasting