Newsletter 8/2019 - First GDPR-related fines in Romania


During 2018 ANSPDCP conducted aproximattely 500 ex officio investigations and other 500 data subject access request related ones. 

At the end of May 2019 there were over 1000 ongoing investigations. 

First GDPR-related fines were imposed in July 2019 for two controllers : a bank ( 130000 Euro ) and a hotel ( 15000 Euro ) due to personal data breaches that caused loss of data confidentiality accordingly to articles 25 and 32.

You may find more information on official ANSPDCP website

We remind you that being compliant with General Data Protection Regulation and all privacy laws is not optional.

Crowe Romania prepared a new dedicated website where you may find useful information regarding the right approach of the Regulation requirements and also a brief presentation of our services.


The information in this newsletter is intended to give you an overview of legislative news; the newsletter does not contain a complete analysis of each topic. For more information about the subjects presented, please contact us. We do not accept any responsibility for decisions or omissions followed by the use of the content of this newsletter. All Boscolo&Partners newsletters are available at the following address: