Roumasport Fined €10,000 for GDPR Breach

ANSPDCP

Changeflow GovPing Data Privacy & Cybersecurity Roumasport Fined €10,000 for GDPR Breach

Urgent Enforcement Amended Final

Roumasport Fined €10,000 for GDPR Breach

Romania ANSPDCP

Filed December 30th, 2025

Detected April 20th, 2026

Email

Summary

ANSPDCP imposed a €10,000 fine on Roumasport for a General Data Protection Regulation (GDPR) breach. The enforcement action reflects Romania's active enforcement of data protection rules. Organizations processing personal data should ensure compliance with GDPR requirements to avoid similar penalties.

Why this matters

Companies operating in Romania or processing data of Romanian residents should ensure their GDPR compliance programs are current, particularly regarding lawful basis documentation, privacy notices, and data subject request handling procedures.

AI-drafted from the source document, validated against GovPing's analyst note standards . For the primary regulatory language, read the source document .

Published by ANSPDCP on dataprotection.ro . Detected, standardized, and enriched by GovPing. Review our methodology and editorial standards .

View original document View source feed page

What changed

ANSPDCP imposed a €10,000 administrative fine on Roumasport for violations of the General Data Protection Regulation. This represents Romania's supervisory authority taking enforcement action against non-compliant data processing.

Organizations subject to GDPR should review their data processing activities, consent mechanisms, and data subject rights procedures. Fines of this magnitude indicate that supervisory authorities are actively imposing meaningful penalties for violations, not merely issuing warnings.

Penalties

€10,000

Archived snapshot

Apr 20, 2026

GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.

The National Supervisory Authority For Personal Data Processing

Mentioned entities

General Data Protection Regulation

Related changes

Fine 15,000 Lei for Violation of Law 506/2004 (Cookies)

Priority review Apr 20, 2026 • Romania ANSPDCP • Data Privacy & Cybersecurity

CJEU Rules Online Marketplaces Are GDPR Data Controllers

Routine Apr 20, 2026 • Romania ANSPDCP • Data Privacy & Cybersecurity

Get daily alerts for Romania ANSPDCP

Daily digest delivered to your inbox.

Free. Unsubscribe anytime.

Source

Romania ANSPDCP dataprotection.ro/index.jsp?page=Home&lang=en

Data Privacy & Cybersecurity

About this page

What is GovPing?

Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission

What's from the agency?

Source document text, dates, docket IDs, and authority are extracted directly from ANSPDCP.

What's AI-generated?

The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.

Last updated

April 20, 2026

Press inquiries →

Classification

Agency

ANSPDCP

Filed

December 30th, 2025

Instrument

Enforcement

Branch

Executive

Legal weight

Binding

Stage

Final

Change scope

Substantive

Who this affects

Applies to

Organizations processing EU/EEA personal data

Industry sector

5112 Software & Technology

Activity scope

Data breach enforcement Administrative monetary penalty

Geographic scope

RO RO

Taxonomy

Primary area

Data Privacy

Operational domain

Compliance

Compliance frameworks

GDPR

Topics

Consumer Protection

Roumasport Fined €10,000 for GDPR Breach

Summary

What changed

Penalties

Archived snapshot

Mentioned entities

Related changes

Source

About this page

Classification

Who this affects

Taxonomy

Browse Categories

Get alerts for this source

Subscribed!