Home » Comunicat_Presa_13.03.2023
 Română | English | Francais

sigla_anspdcp_2.png

The new Regulation 2016/679 applicable from 25th of May 2018

 

Complaints

GDPR Complaints

 

Procedure for complaints

Information on the payment of fine by legal entities

Controllers

Data Protection Officer Form

 

GDPR Breach Notification

 

Law nr. 506/2004 Breach Notification

 

GDPR Sanctions

Schengen

 

Schengen

News

Useful Information

 

F.A.Q.

Guidelines Q&A Regulation (EU) 2016/679

Indicative guidelines GDPR

Guidelines on the application of Law no. 363/2018

Useful Links

 

TFTP - Terrorist Finance Tracking Program

 

 

 

Procedure

Forms

Contact

Contact us

Data Protection

Information on the processing of personal data carried out by ANSPDCP

 

Cookies policy

13.03.2023

Sanction for the GDPR infringement

 

The National Supervisory Authority finalised in January this year an investigation at the controller Modaone SRL within which it found the breach of the provisions of Article 12 and Article 13 from the General Data protection Regulation.

Therefore, the company Modaone SRL was sanctioned with fine in amount of Lei 9,871 (the equivalent of EUR 2,000).

The investigation was started following a complaint submitted by a data subject through which it reported that commercial messages were provided to his/her e-mail address from www.kalapod.net, with the breach of the right to object, although it was previously communicated that such messages no longer will be provided.

Within the investigation performed it was found that Modaone SRL, owner of www.kalapod.net, does not provide full, correct, accurate and updated information on the personal data processing, as provided under Article 13 from the GDPR (for example, the recipients of the personal data, the storage periods, the right to submit a complaint with the supervisory authority), also imposing excessing conditions for the exercise of the rights by the data subject, thus breaching the provisions of Article 12 and 13 from the GDPR.

At the same time, based on Article 58 paragraph (2) letter d) of the General Data protection Regulation, the following corrective measures were imposed to the controller:

  • The implementation of adequate measures for the observance of the GDPR provisions, in order to further on process personal data of the data subjects for direct marketing purposes that envisage the use of electronic communication services (e-mail, telephone) only subject to obtaining their specific and prior consent, including the adoption of some procedures in this respect, and the corresponding amendment of the applicable sections on the website kalapod.net;
  • The amendment of the section ”Terms and conditions” from the website kalapod.net in order for the data subjects to be provided with full, correct, accurate and updated information in relation to the processing of personal data; also, the excessive condition for the submission of the request ”in writing, dated and signed” in case they are provided by e-mail, as well as the excessive condition for the request of the copy of the identity card for the exercise of the rights provided under the GDPR will be eliminated.

 

Legal and Communication Department

A.N.S.P.D.C.P.