ANSPDCP (Romania) - Vodafone România S.A. 3: Difference between revisions
m (Cp moved page ANSPDCP - ANSPDCP - Vodafone România S.A. 3 to ANSPDCP - Vodafone România S.A. 3) |
m (Ar moved page ANSPDCP - Vodafone România S.A. 3 to ANSPDCP (Romania) - Vodafone România S.A. 3) |
Latest revision as of 15:21, 13 December 2023
ANSPDCP - ANSPDCP - Vodafone România S.A. 3 | |
---|---|
Authority: | ANSPDCP (Romania) |
Jurisdiction: | Romania |
Relevant Law: | Article 12 GDPR Article 15 GDPR Article 17 GDPR |
Type: | Investigation |
Outcome: | Violation Found |
Started: | |
Decided: | 04.11.2020 |
Published: | 23.11.2020 |
Fine: | 4000 EUR |
Parties: | Vodafone România S.A. |
National Case Number/Name: | ANSPDCP - Vodafone România S.A. 3 |
European Case Law Identifier: | n/a |
Appeal: | n/a |
Original Language(s): | Romanian |
Original Source: | ANSPDCP (in RO) |
Initial Contributor: | n/a |
The Romanian DPA (ANSPDCP) fined Vodafone €4000 for not responding to access and erasure requests in breach of Articles 12, 15, and 17 GDPR.
English Summary
Facts
The ANSPDCP conducted an investigation into Vodafone România S.A. and found that the controller could not demonstrate compliance and prove that it had fulfilled access and deletion requests.
Dispute
Did the controller facilitate and fulfill the rights of data subjects enshrined in Articles 12, 15, and 17 GDPR?
Holding
The ANSPDCP held that the controller failed to meet its obligations, as it could not prove that it had replied to or complied with the requests from data subject. The DPA therefore fined Vodafone €4000 for breaching Articles 12, 15, and 17 GDPR.
Furthermore, the DPA imposed the corrective measure of ordering the controller to adequately respond to the data subject who submitted the requests.
Comment
Share your comments here!
Further Resources
Share blogs or news articles here!
English Machine Translation of the Decision
The decision below is a machine translation of the Romanian original. Please refer to the Romanian original for more details.
The National Supervisory Authority completed on 04.11.2020 an investigation at the operator Vodafone Romania SA and found the violation of the provisions of art. 12, art. 15 and art. 17 of the General Data Protection Regulation. The operator of Vodafone Romania SA was sanctioned with a fine in the amount of 19468.8 lei, the equivalent of the amount of 4000 EURO. The sanction was applied following some complaints claiming that the operator did not respond to requests to exercise the rights of access and deletion provided by art. 15 and art. 17 of the General Data Protection Regulation. During the investigation, Vodafone Romania SA could not prove the settlement of the requests for exercising the access and deletion rights within the term provided by art. 12 of the Regulation. At the same time, the corrective measure was applied to the operator to communicate a response to the petitioner to his requests regarding the measures adopted on their basis. A.N.S.P.D.C.P.