Romania

IAMSAT Muntenia SA

3,000 €

GDPR enforcement action by Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) on 2022-02-22.

Rank · Sector

#157

of 213 in Employment

Rank · Romania

#119

of 283

Rank · All fines

#2,056

of 3,050

Case details

Authority: Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
Date: 2022-02-22
Controller / Processor: IAMSAT Muntenia SA
Sector: Employment
Quoted Articles: Art. 12 GDPR, Art. 13 GDPR, Art. 21 GDPR
Type of violation: Insufficient fulfilment of data subjects rights

Summary

The Romanian DPA has imposed a fine of EUR 3,000 on IAMSAT Muntenia SA.

The DPA launched an investigation following a complaint from a former employee who claimed that the controller continued to process their personal data even after the termination of their employment contract in 2020. The data subject had previously stated that they would not agree to the continued use of their email address and that they objected to the processing of their personal data by the controller or/and by third parties after the termination of their employment contract.

In the course of its investigation, the DPA also found that the controller had not informed its employees, including the data subject, in advance and comprehensively about the processing of their personal data by a video surveillance system at the workplace.

Open original source Links to the regulator's original publication or another source.