Enforcement
EN Vodafone Romania S.A.: Insufficient technical and organisational measures to ensure information security
€5,000 fine - Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
Content
The Romanian DPA fined Vodafone Romania S.A. EUR 5,000 for sending emails to different recipients without including them in the blind carbon copy (BCC) list. This resulted in the unauthorized disclosure of email addresses to other recipients.
GDPR Articles: Art. 32 GDPR
Industry: Media, Telecoms and Broadcasting