ANSPDCP (Romania) - Fine to Dante Internațional SA

From GDPRhub
Revision as of 17:00, 27 March 2020 by GDPRhubVolunteers (talk | contribs) (Created page with "{{DPAdecisionBOX |Jurisdiction=Romania |DPA-BG-Color=background-color:#ffffff; |DPAlogo=LogoRO.jpg |DPA_Abbrevation=ANSPDCP |DPA_With_Country=ANSPDCP (Romania) |Case_Number_...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
ANSPDCP - fine to Operatorul Dante Internațional SA
LogoRO.jpg
Authority: ANSPDCP (Romania)
Jurisdiction: Romania
Relevant Law: Article 6 GDPR
Article 21(3) GDPR
Type: Complaint
Outcome: Upheld
Started:
Decided: 27.02.2020
Published: 26.03.2020
Fine: 3.000 EUR
Parties: Dante Internațional SA
National Case Number/Name: fine to Operatorul Dante Internațional SA
European Case Law Identifier: n/a
Appeal: Unknown
Original Language(s): Romanian
Original Source: ANSPDCP (in RO)
Initial Contributor: n/a

The Romanian DPA (ANSPDCP) fined electronics and appliance company EUR 3,000 because it kept contacting an individual for commercial purposes, although the individual had objected to that according to Article 21(3) GDPR.

English Summary

Facts

The complainant received a commercial message from Operatorul Dante Internațional SA (the data controller), although they had exercised their right to object to processing as foreseen in Article 21(3) GDPR.

Dispute

Holding

The ANSPDCP confirmed that the complainant had exercised the right to object and nevertheless the controller contacted them for commercial purposes. The ANSPDCP imposed two corrective measures on the controller according to Article 58(2)(c) and (d) GDPR and the fine of 14,420.4 lei, the equivalent of the amount of EUR 3,000.

Comment

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the Romanian original. Please refer to the Romanian original for more details.

On 27.02.2020, the National Supervisory Authority finalized an investigation with the operator Dante Internațional S.A., the owner of e-MAG.ro and found that it violated the provisions of art. 6 of the General Regulation on Data Protection, by reference to the provisions of art. 21 paragraph (3) of the Regulation.

The operator Dante Internațional SA was sanctioned contraventional with a fine in the amount of 14,420.4 lei, the equivalent of the amount of 3000 EURO.

The sanction was applied to the operator because at the end of 2019 he sent a commercial message to a natural person, although at the beginning of 2019 the operator had confirmed to him the unsubscription from commercial communications.

At the same time, two corrective measures were applied to the operator Dante International SA, pursuant to the provisions of art. 58 paragraph (2) lit. c) and d) of the General Regulation on Data Protection.

Thus, the operator was obliged to implement the request of the natural person to be deactivated from the database the setting regarding the transmission to his e-mail address of the commercial messages, within 3 working days from the communication of the minutes. At the same time, the operator was obliged to take measures so that the provisions of art. 21 of the Regulation, within 20 days from the date of communication of the minutes.

In this context we mention that art. 21 paragraph (3) of the General Regulation on Data Protection, provides that "if the data subject opposes the processing for the purpose of direct marketing, the personal data are no longer processed for this purpose."