Romania Romania

Ana Hotels SRL

8,000 €

GDPR enforcement action by Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) on 2024-08-20.

Rank · Sector
#27
of 100 in Accomodation and Hospitality
Rank · Romania
#54
of 284
Rank · All fines
#1,523
of 3,051

Case details

Authority
Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
Date
2024-08-20
Controller / Processor
Ana Hotels SRL
Sector
Accomodation and Hospitality
Quoted Articles
Art. 32 (1) b), d) GDPR, Art. 32 (2) GDPR
Type of violation
Insufficient technical and organisational measures to ensure information security

Summary

The Romanian DPA has fined Ana Hotels SRL EUR 8,000. The controller had suffered a data breach which resulted in the unauthorized disclosure of personal data processed and stored in their IT systems. The DPA found that the controller had failed to implement adequate technical and organizational measures to protect personal data.

Open original source Links to the regulator's original publication or another source.

Related fines