Data Protection Academy » Data Protection News » Romanian supervisory authority imposed fine on Elefant Online SA

Fine Elephant Online

Romanian supervisory authority imposed fine on Elefant Online SA

Date: 31.10.2019

Responsible body: Elefant online SA

Type of data breach: e-mail communication not conforming to DSGVO

The Romanian supervisory authority imposed the fine based on a petition in which Elefant Online S.A. had sent the applicant unsolicited commercial messages to his email address without his consent. Although the data subject had unsubscribed both on the website and via the unsubscribe links in the newsletters, he continued to receive unsolicited commercial messages on his email address from Elefant Online S.A.. The communication with data subjects for marketing purposes is, according to the GDPR only permissible if they have consented to this. If data subjects subsequently opt out of receiving marketing communications, the data controller must ensure that data subjects are no longer notified.

Fines: 10,000 Leu

Country: Romania

SourceEuropean Data Protection Board

Back to the overview of the data breaches

Get free advice now

Caroline Schwabe
Latest posts by Caroline Schwabe (see all)

This might interest you too:

Examples of GDPR fines: what happens in data protection

GDPR infringements are punished with heavy fines. Find out which data protection infringements are suspected and secure yourself.
Read more

Data protection fine imposed on the Municipality of Oslo Education Authority

120.000 € because the security of the app "Skolemelding" for communication between school staff, parents and pupils was not guaranteed.
Read more

Data protection fine Swedish company

35,000 euros fine for violation of three Swedish laws at once. Information about creditworthiness published.
Read more