Romania: ANSPDCP fines Vodafone Romania RON 20,000 for violating security and confidentiality of data
The National Supervisory Authority for Personal Data Processing ('ANSPDCP') announced, on 25 March 2020, that it had fined Vodafone Romania SA RON 20,000 (approx. €4,140) for violating security and confidentiality of data. In particular, ANSPDCP highlighted that a petitioner claimed that he had requested an offer by telephone from Vodafone Romania and that, subsequently, he received to his email address, a contract concluded by Vodafone Romania with another natural person. The petitioner had suspected that his personal data may have been disclosed to the person on the contract. Following an investigation, ANSPDCP found that Vodafone Romania had failed to comply with Article 3 of the Law No. 506/2004 as it had not taken appropriate technical and organisational measures in order to ensure the security of the processing of personal data.
You can read the press release, only available in Romanian, here.