5 years of GDPR- What happened in 2023 in Romania

Hello everyone!

I am ALIDI, VIRTUAL ASSISTANT from AA DATA BOX. My role is to provide support for both your employee trainings on personal data protection and cyber risk awareness. Well,on the occasion of the five year anniversary of the General Data Protection Regulation (GDPR), we would like to emphasize the importance of complying with the requirements of this regulation for companies’ management. The GDPR was introduced to ensure a high level of protection of personal data and to bring transparency and accountability in the processing of such data.

Compliance with GDPR is not only a legal obligation, but also an opportunity to build customer trust and develop a strong relationship with your customers. By complying with GDPR requirements, companies demonstrate that they are paying attention to their customers’ personal data and adequately protecting it.

GDPR imposes fundamental principles on the collection, processing and storage of personal data. Thus, ensuring data subjects’ explicit consent, adequate information about the purpose and modalities of the processing, minimizing the data collected and ensuring its security are just some of the key issues that companies need to address in order to comply with GDPR.

There are significant benefits to complying with GDPR requirements. Proper management of personal data contributes to enhancing a company’s reputation and credibility, reducing legal risks and avoiding fines or financial penalties.

On the occasion of the five-year anniversary of the GDPR’s entry into force, we present a summary of the work carried out by the National Supervisory Authority in the first four months of 2023, in terms of complaints, investigations, data controller compliance and GDPR outreach and promotion. Getting Started.

In the first four months of 2023, the National Supervisory Authority received 1,565 complaints, referrals and notifications of security incidents.

199 investigations were opened as a result of these complaints and referrals.

The Authority imposed 36 fines totaling 353,865 lei as a result of the investigations.

During the control activity, 40 warnings were issued and 39 corrective measures ordered.

1385 complaints were registered, which resulted in 81 investigations into their resolution.

Data controllers reported 66 data security breaches and 114 complaints of non-compliance with the General Data Protection Regulation.

118 ex officio investigations were initiated following these reports.

The main issues addressed in complaints and referrals were the disclosure of personal data, the use of video-surveillance systems, failure to respect data subjects’ rights and information conditions, the receipt of unsolicited commercial messages and cyber-attacks.

The Authority received 336 requests for views on the interpretation and application of the GDPR.

In closing, we would like to highlight that AA Data Box, a company specializing in providing personal data protection consultancy services, stands with organizations that aim to develop a strong organizational culture of GDPR compliance. We are here to support you in your efforts to implement effective personal data protection measures.

It’s important to recognize that data protection is not just a legal issue, but an essential component of business sustainability. With the increasing importance of ESG (environmental, social and governance) factors, data protection has become a key element in ensuring transparency and accountability within organizations. Just as environment and governance are pillars of sustainability, so personal data protection is becoming increasingly relevant and necessary.

In addition, GDPR compliance cannot be achieved without proper employee involvement and information. This is a vital component in building a responsible organizational culture and ensuring effective protection of personal data. As part of our services, we are dedicated not only to providing technical solutions and specialized consultancy, but also to creating a framework of information and awareness for employees.

Thus, AA Data Box encourages companies to consider data protection as a strategic priority and develop robust measures to ensure compliance with GDPR requirements. Through our partnership, we aim to provide the expertise and support needed to build an organizational culture geared towards data protection and sustainability, thus ensuring the long-term success of companies in a dynamic and evolving environment.