ANSPDCP (Romania) - Asociația Asistenței Rutiere A-Car Vaslui

From GDPRhub
Revision as of 12:12, 25 August 2021 by RRA (talk | contribs) (Created page with "{{DPAdecisionBOX |Jurisdiction=Romania |DPA-BG-Color=background-color:#ffffff; |DPAlogo=LogoRO.jpg |DPA_Abbrevation=ANSPDCP (Romania) |DPA_With_Country=ANSPDCP (Romania) |Ca...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
ANSPDCP (Romania) - Asociația Asistenței Rutiere A-Car Vaslui
LogoRO.jpg
Authority: ANSPDCP (Romania)
Jurisdiction: Romania
Relevant Law: Article 58(1)(a) GDPR
Article 58(1)(e) GDPR
Law No. 190/2018 Implementing the General Data Protection Regulation (Regulation (EU) 2016/679)
Type: Complaint
Outcome: Other Outcome
Started:
Decided:
Published:
Fine: 10000 RON
Parties: Asociația Asistenței Rutiere A-Car Vaslui
National Case Number/Name: Asociația Asistenței Rutiere A-Car Vaslui
European Case Law Identifier: n/a
Appeal: Unknown
Original Language(s): Romanian
Original Source: ANSPDCP (in RO)
Initial Contributor: n/a

The Romanian DPA fined a controller approximately €2,000, for failing to comply with a warning and an order to provide the DPA with all the information it required during its investigation into the controller.

English Summary

Facts

In July 2021, the Romanian DPA completed an investigation into a roadside assistance service, Asociația Asistenței Rutiere A-Car Vaslui. The investigation was started as a result of a notification regarding the fact that the controller processes personal data, in this case images, of children via the website www.a-carvaslui.ro.

During the investigation, the operator did not respond to the requests of our institution. In line with the procedural requirements of Article 13 of Law No. 190/2018 Implementing the GDPR in Romania, the DPA issued the controller a warning for violating Article 58(1)(a) and (e) GDPR, and ordered the controller to provide all the requested information within 5 working days.

The controller failed to provide the requested information within the timeframe.

Dispute

Holding

Accordingly, following Article 14 of Law No. 190/2018, the DPA fined the controller RON 10,000 (approximately €2,000) for violating Article 58(1)(a) and (e) GDPR.

Comment

Share your comments here!

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the Romanian original. Please refer to the Romanian original for more details.






25.08.2021 & # 13;
Fine in application of Law no. 190/2018 & # 13;
& # 13;
The National Supervisory Authority completed in July of this year an investigation at the A-Car Vaslui Roadside Assistance Association, an operator under the provisions of art. 2 para. (1) lit. a) of Law no. 190/2018. & # 13;
The investigation was started as a result of a notification regarding the fact that the A-Car Vaslui Roadside Assistance Association processes personal data of minors (image), through the website www.a-carvaslui.ro. & # 13;
As during the investigation launched, the operator did not respond to the requests of our institution, he was first sanctioned with a warning for violating art. 58 para. (1) lit. a) and letter e) of Regulation (EU) 2016/679, pursuant to art. 13 of Law no. 190/2018. & # 13;
Also, the National Supervisory Authority issued the Remediation Plan provided by art. 13 para. (1) of Law 190/2018, with the measure to provide all the information requested by our institution within 5 working days from the date of communication of the minutes. & # 13;
The A-Car Vaslui Roadside Assistance Association did not carry out the measures provided in the remediation plan communicated by the National Supervisory Authority, thus violating the provisions of art. 58 para. (1) lit. a) and letter e) of Regulation (EU) 2016/679. & # 13;
As such, pursuant to art. 14 para. (1) of Law no. 190/2018, the operator was sanctioned with a fine in the amount of 10,000 lei, for the deed provided by art. 14 para. (5) lit. e) of Law no. 190/2018, reported in art. 58 para. (1) lit. a) and letter e) of Regulation (EU) 2016/679. & # 13;
& # 13;
Legal and Communication Department & # 13;
A.N.S.P.D.C.P.