Banner2.png

ANSPDCP (Romania) - Tensa Art Design S.A.

From GDPRhub
ANSPDCP - Tensa Art Design S.A.
LogoRO.jpg
Authority: ANSPDCP (Romania)
Jurisdiction: Romania
Relevant Law: Article 6 GDPR
Article 12 GDPR
Type: Complaint
Outcome: Upheld
Started:
Decided:
Published: 15.10.2015
Fine: 74,661 RON
Parties: n/a
National Case Number/Name: Tensa Art Design S.A.
European Case Law Identifier: n/a
Appeal: Unknown
Original Language(s): Romanian
Original Source: ANSPDCP (in RO)
Initial Contributor: cci

The DPA fined a company RON 74,661 (€ 15,000) for engaging in direct marketing without the data subject’s consent, and for failing to respond to the data subject’s requests.

English Summary

Facts

A data subject received unsolicited marketing communication from Tensa Art Design S.A. (the controller). The data subject exercised their right to access as well as their right to erasure. The controller failed to respond to both requests.

Holding

The DPA held that the controller violated Article 6(1) GDPR by carrying out direct marketing without the data subject’s consent. The DPA also held that the controller violated Article 12 GDPR by failing to respond to the data subject’s requests.

The DPA fined the data controller RON 74,661 (€ 15,000). Additionally, the DPA ordered the controller to only engage in direct marketing with consent, to respond to the data subject’s requests, and to implement the necessary measures to properly handle data subjects’ requests in the future.

Comment

Share your comments here!

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the Romanian original. Please refer to the Romanian original for more details. 

10.04.2024

A new sanction for non-compliance with the GDPR

 

The National Supervisory Authority for Personal Data Processing completed, in March 2025, an investigation at the operator Tensa Art Design S.A., owner of the website www.lensa.ro, and found a violation of the provisions of art. 6 para. (1) let. a) of Regulation (EU) 2016/679 (GDPR) and art. 12 para. (1)-(4), in relation to art. 15 and 17 of the same regulatory act.

As such, the operator was sanctioned as follows:

fine in the amount of 49,774 lei, the equivalent of 10,000 EURO for violating art. 6 para. (1) let. a) of the GDPR; fine in the amount of 24,887 lei, equivalent to 5,000 EURO for the violation of art. 12 par. (1) -(4), in relation to art. 15 and 17 of the GDPR.

The investigation was initiated as a result of the fact that a petitioner notified the National Supervisory Authority regarding the fact that the operator Tensa Art Design S.A., owner of the website www.lensa.ro, processed his telephone number for direct marketing purposes, without his consent, communicating commercial SMS messages through which the petitioner was informed about the company's offers.

During the investigation, it was found that the operator S.C. Tensa Art Design S.A did not prove the existence of the petitioner's consent for the processing of his personal data for direct marketing purposes, thus violating the provisions of art. 6 par. (1) letter a) of the GDPR.

It was also found that the operator did not properly manage the requests by which the petitioner exercised his rights of access and deletion provided for by the GDPR, the response received not being in accordance with the provisions of art. 12 para. (1)-(4) of Regulation (EU) 2016/679, in relation to art. 15 and 17 of the same regulatory act.

At the same time, pursuant to art. 58 para. (2) letters c) and d) of the GDPR, the operator Tensa Art Design S.A. was ordered and the following corrective measures:

to ensure compliance with the GDPR of personal data processing operations, by adopting the necessary technical and organizational measures, including in terms of appropriate training of the personnel designated for this purpose, so that the processing of personal data for direct marketing purposes by sending commercial communications through electronic communications services intended for the public (such as telephone, SMS, e-mail) is carried out only on the basis of the express valid consent of the data subjects, obtained for this purpose; to send a written response to the requests of the requester in accordance with the provisions of art. 15 and 17 of the GDPR; to ensure compliance with the GDPR of personal data processing operations, by adopting the necessary technical and organizational measures, including in terms of appropriate training of the personnel designated for this purpose, so that the operator is able to receive, analyze, correctly resolve and respond to all requests by which the data subjects exercise their rights, within the deadlines and according to the conditions provided for in art. 12-23 of the GDPR.

 

Legal and Communication Department

A.N.S.P.D.C.P.
Retrieved from "https://gdprhub.eu/index.php?title=ANSPDCP_(Romania)_-_Tensa_Art_Design_S.A.&oldid=46981"
Creative Commons Attribution-NonCommercial-ShareAlike
Powered by MediaWiki