Compania Națională Poșta Română S.A.
€5,000
Insufficient legal basis for data processing
Päätöspäivä
16. toukokuuta 2023
Viranomainen
Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
RO
Ala
Transportation and Energy
Maa
RO
Laki
GDPRTila
FINALKuvaus
The Romanian DPA has imposed a fine of EUR 5,000 on the Romanian Post (Compania Națională Poșta Română S.A.). During its investigation, the DPA found that the controller had processed personal data of employees without a valid legal basis.
Oikeudelliset viittaukset
Art. 5 (1)Art. 5 (2)Art. 6 (1)
Asiat ja rikkomukset
Insufficient legal basis for data processing