Fine imposed on Romanian company Artmark Holding SRL

Date: 31.10.2019

Responsible body: Artmark Holding SRL

Type of data breach: transmission of advertising messages without consent

The data controller Artmark Holding SRL was fined 10 000 leu.

The fine was imposed on the controller for failing to prove that he had obtained express and unambiguous prior consent to the sending of advertising messages by e-mail, in violation of the provisions on unsolicited communications under Article 13(1)(q) of Law No 506/2004 on processing personal data and the protection of privacy in electronic communications.

In this context, the company was advised to take the necessary measures to comply with the provisions of Article 12 of Law No.506/2004, on sending advertising messages by electronic means only with the express prior consent of the recipients.

According to Article 12(1) of Law No 506/2004 on the processing of personal data and the protection of privacy in the electronic communications sector, it is prohibited to carry out commercial communications using automated calling and communication systems that do not require human interaction. This applies to fax or e-mail or any other means, unless the subscriber or user concerned has given his/her express prior consent to receive such communications.

The Romanian supervisory authority became aware of the infringement because, in the context of a petition, participants received unsolicited advertising messages without consent. Although the person concerned had asked the company to delete his personal data from the database, he continued to receive unsolicited commercial messages from Artmark Holding SRL to his e-mail address.

Legal basis: National law

Fines: 10,000 Leu

Country: Romania

Source: European Data Protection Board

Back to the overview of the data breaches