Romania

Natural person holding the position of General Secretary for a political party in Bucharest

500 €

GDPR enforcement action by Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) on 2021-03-04.

Rank · Sector

#353

of 357 in Public Sector and Education

Rank · Romania

#270

of 283

Rank · All fines

#2,852

of 3,050

Case details

Authority: Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
Date: 2021-03-04
Controller / Processor: Natural person holding the position of General Secretary for a political party in Bucharest
Sector: Public Sector and Education
Quoted Articles: Art. 32 (1), (2) GDPR, Art. 58 (1) a), e) GDPR
Type of violation: Insufficient technical and organisational measures to ensure information security

Summary

The Romanian DPA (ANSPDCP) imposed a fine in the amount of EUR 500 against a natural person holding the position of General Secretary for a political party in Bucharest. The controller had published a list on a social network, which contained personal data such as names, signatures, nationalities, dates of birth, postal addresses, of ten supporters of the party. The DPA found that the controller had failed to implement adequate technical and organizational measures to protect the processing of personal data. In addition, the controller had not sufficiently cooperated with the DPA in its investigation.

Open original source Links to the regulator's original publication or another source.