ANSPDCP (Romania) - Fine against Sephora Cosmetics România SA

From GDPRhub
ANSPDCP - Fine against Sephora Cosmetics România SA
LogoRO.jpg
Authority: ANSPDCP (Romania)
Jurisdiction: Romania
Relevant Law: Article 21 GDPR
Type: Investigation
Outcome: Violation Found
Started:
Decided:
Published: 04.08.2022
Fine: 2000 EUR
Parties: Sephora Cosmetics România SA
National Case Number/Name: Fine against Sephora Cosmetics România SA
European Case Law Identifier: n/a
Appeal: Unknown
Original Language(s): Romanian
Original Source: ANSPDCP (in RO)
Initial Contributor: Diana Rosu

The Romanian DPA fined Sephora Romania €2,000 because it continued to send a data subject marketing messages via SMS after she exercised her right to object.

English Summary[edit | edit source]

Facts[edit | edit source]

The data subject received marketing messages via SMS from Sephora Romania (the controller). She requested the controller to stop using her personal data for marketing purposes. Despite the controllers confirmation that it would no longer process her personal data for marketing purposes, she kept receiving messages.

The data subject therefore filed a complaint with the Romanian DPA.

Holding[edit | edit source]

The DPA investigated the matter and found that the controller continued to send several unsolicited marketing messages via SMS after the data subject exercised her right to object in this regard.

The DPA held that the controller violated Article 21 GDPR and fined it approximately €2,000.

Comment[edit | edit source]

The Romanian DPA rarely published full decisions. This summary is based on a press release of the Romanian DPA.

Further Resources[edit | edit source]

Share blogs or news articles here!

English Machine Translation of the Decision[edit | edit source]

The decision below is a machine translation of the Romanian original. Please refer to the Romanian original for more details.

08/04/2022



Fine for GDPR violation



In July 2022, the National Supervisory Authority completed an investigation at the operator Sephora Cosmetics Romania SA and found a violation of the provisions of art. 21 of the General Data Protection Regulation.

The operator of Sephora Cosmetics Romania SA was fined 9,883.60 lei (the equivalent of 2000 EURO).

The investigation was started as a result of receiving a complaint from a petitioner claiming that she had received commercial SMS messages on her phone number from Sephora Cosmetics Romania SA. At the same time, she claimed that following her repeated requests, submitted at the end of 2020, that her data would no longer be used for marketing purposes, Sephora informed her at the beginning of 2021 that her data would no longer be processed for marketing purposes. marketing. However, later, during 2021, the petitioner received unsolicited commercial SMS messages from Sephora Cosmetics Romania SA.

During the investigation carried out, it was found that Sephora Cosmetics Romania SA sent the petitioner, on her phone number, on several occasions, during 2021, commercial messages for marketing purposes, although she, through the requests sent to the operator in 2020, had exercised the right of opposition regarding the use of his own telephone number for marketing purposes.

As such, Sephora Cosmetics Romania SA was sanctioned for violating the provisions of art. 21 of the General Data Protection Regulation, which guarantees the data subject the right to object at any time, for reasons related to the particular situation in which he is, to the processing of personal data concerning him.



Legal and Communication Department

A.N.S.P.D.C.P.