ANSPDCP (Romania) - Fine against BEST ELAN ONLINE SRL

From GDPRhub
Revision as of 08:51, 14 August 2024 by Fb (talk | contribs) (Created page with "{{DPAdecisionBOX |Jurisdiction=Romania |DPA-BG-Color=background-color:#ffffff; |DPAlogo=LogoRO.jpg |DPA_Abbrevation=ANSPDCP |DPA_With_Country=ANSPDCP (Romania) |Case_Number_Name=Fine against BEST ELAN ONLINE SRL |ECLI= |Original_Source_Name_1=ANSPDCP |Original_Source_Link_1=https://www.dataprotection.ro/?page=Comunicat_Presa_06.08.2024&lang=ro |Original_Source_Language_1=Romanian |Original_Source_Language__Code_1=RO |Original_Source_Name_2= |Original_Source_Link_2= |O...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
ANSPDCP - Fine against BEST ELAN ONLINE SRL
LogoRO.jpg
Authority: ANSPDCP (Romania)
Jurisdiction: Romania
Relevant Law: Article 58(1)(a) GDPR
Type: Complaint
Outcome: Upheld
Started:
Decided:
Published: 06.08.2024
Fine: 4,977.10 RON
Parties: BEST ELAN ONLINE SRL
National Case Number/Name: Fine against BEST ELAN ONLINE SRL
European Case Law Identifier: n/a
Appeal: Unknown
Original Language(s): Romanian
Original Source: ANSPDCP (in RO)
Initial Contributor: fb

The DPA fined a controller €1,000 after it performed unsolicited phone calls and did not comply with the DPA's order to provide information according to Article 58(1)(a) GDPR.

English Summary

Facts

The data subject received unsolicited commercial phone calls from the controller. After that, they submitted an erasure request to the controller.

However, the controller never replied to this request and kept performing the phone calls.

Therefore, the data subject filed a complaint with the DPA. The DPA ordered the controller to provide information pursuant to Article 58(1)(a) GDPR. The controller did not reply to this request.

Holding

The DPA noted that the controller failed to reply to its order to provide information about the processing at hand. Therefore, it found a violation of Article 58(1)(a) GDPR.

On these grounds, it issued a fine of €1,000 (RON 4,977.10).

Comment

This summary is based on a press release. The Romanian DPA does not publish its decisions.

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the Romanian original. Please refer to the Romanian original for more details.

08/06/2024

Penalty for GDPR violation

 

The National Supervisory Authority for the Processing of Personal Data completed in July 2024 an investigation at the operator BEST ELAN ONLINE SRL and found a violation of the provisions of art. 58 para. (1) of Regulation (EU) 2016/679.

As such, the operator was fined 4,977.1 lei (equivalent to 1,000 EURO).

The investigation started as a result of a complaint submitted by a targeted person who indicated that he was receiving unsolicited commercial messages from the operator. Although the natural person requested the deletion of his personal data, including by accessing a link made available to the data subjects by the operator, the petitioner did not receive any response to his request. The operator continued to send new unsolicited commercial messages to the data subject.

During the investigation, the operator did not communicate to the National Supervisory Authority for the Processing of Personal Data the information requested based on its investigative powers, thus violating the provisions of art. 58 para. (1) of Regulation (EU) 2016/679.

In addition, in relation to the fine, the operator was ordered to communicate to the National Supervisory Authority for the Processing of Personal Data all the information and documents requested in the investigation, pursuant to art. 58 para. (1) lit. a) and e) of the same regulation.

Legal and Communication Department

A.N.S.P.D.C.P.