ANSPDCP (Romania) - Fine against Sephora Cosmetics România SA
| ANSPDCP - Fine against Sephora Cosmetics România SA | |
|---|---|
 | |
| Authority: | ANSPDCP (Romania) |
| Jurisdiction: | Romania |
| Relevant Law: | Article 21 GDPR |
| Type: | Investigation |
| Outcome: | Violation Found |
| Started: | |
| Decided: | |
| Published: | 04.08.2022 |
| Fine: | 2000 EUR |
| Parties: | Sephora Cosmetics România SA |
| National Case Number/Name: | Fine against Sephora Cosmetics România SA |
| European Case Law Identifier: | n/a |
| Appeal: | Unknown |
| Original Language(s): | Romanian |
| Original Source: | ANSPDCP (in RO) |
| Initial Contributor: | Diana Rosu |
The Romanian DPA fined Sephora Romania €2,000 because it continued to send a data subject marketing messages via SMS after she exercised her right to object.
English Summary
Facts
The data subject received marketing messages via SMS from Sephora Romania (the controller). She requested the controller to stop using her personal data for marketing purposes. Despite the controllers confirmation that it would no longer process her personal data for marketing purposes, she kept receiving messages.
The data subject therefore filed a complaint with the Romanian DPA.
Holding
The DPA investigated the matter and found that the controller continued to send several unsolicited marketing messages via SMS after the data subject exercised her right to object in this regard.
The DPA held that the controller violated Article 21 GDPR and fined it approximately €2,000.
Comment
The Romanian DPA rarely published full decisions. This summary is based on a press release of the Romanian DPA.
Further Resources
Share blogs or news articles here!
English Machine Translation of the Decision
The decision below is a machine translation of the Romanian original. Please refer to the Romanian original for more details.
08/04/2022 Fine for GDPR violation In July 2022, the National Supervisory Authority completed an investigation at the operator Sephora Cosmetics Romania SA and found a violation of the provisions of art. 21 of the General Data Protection Regulation. The operator of Sephora Cosmetics Romania SA was fined 9,883.60 lei (the equivalent of 2000 EURO). The investigation was started as a result of receiving a complaint from a petitioner claiming that she had received commercial SMS messages on her phone number from Sephora Cosmetics Romania SA. At the same time, she claimed that following her repeated requests, submitted at the end of 2020, that her data would no longer be used for marketing purposes, Sephora informed her at the beginning of 2021 that her data would no longer be processed for marketing purposes. marketing. However, later, during 2021, the petitioner received unsolicited commercial SMS messages from Sephora Cosmetics Romania SA. During the investigation carried out, it was found that Sephora Cosmetics Romania SA sent the petitioner, on her phone number, on several occasions, during 2021, commercial messages for marketing purposes, although she, through the requests sent to the operator in 2020, had exercised the right of opposition regarding the use of his own telephone number for marketing purposes. As such, Sephora Cosmetics Romania SA was sanctioned for violating the provisions of art. 21 of the General Data Protection Regulation, which guarantees the data subject the right to object at any time, for reasons related to the particular situation in which he is, to the processing of personal data concerning him. Legal and Communication Department A.N.S.P.D.C.P.
