Compania Națională Poșta Română S.A.
€5,000
Insufficient legal basis for data processing
Date de décision
16 mai 2023
Autorité
Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
RO
Secteur
Transportation and Energy
Pays
RO
Droit
GDPRStatut
FINALDescription
The Romanian DPA has imposed a fine of EUR 5,000 on the Romanian Post (Compania Națională Poșta Română S.A.). During its investigation, the DPA found that the controller had processed personal data of employees without a valid legal basis.
Citations légales
Art. 5 (1)Art. 5 (2)Art. 6 (1)
Questions et violations
Insufficient legal basis for data processing