The personal data of at least 509 customers of Sudrezidencial Broker SRL, a real estate loan broker that operates the website www.credit24h.ro, was published in an unauthorized manner by the company’s administrator on the website, the Office for the Protection of Personal Data announced on Thursday. Data (ANSPDCP).
The body reported that in November of this year, it completed the investigation at the operator Sudresidential Broker SRL, in which it found a violation of the provisions of Art. 32 par. (4) and Art. 34 of the General Data Protection Regulation (RGPD), as well as violation of Art. 4 para. (5) from Law No. 506/2004 on the processing of personal data and protection of private life in the electronic communications sector.
What personal data was illegally published on the Internet
- “During the investigation, it was established that the operator of Sudresidential Broker SRL did not take adequate measures to ensure that any natural person acting under his authority and having access to personal data only processed it at his request, which led to the preparation record in Excel format indicating personal data (surname, patronymic, first name, phone number, series and ID card number, e-mail address, bank details, real estate purchases, marital status, request amount, bank, comments) of the operator’s customers and other physical persons persons (life partners of clients).
- This situation led to the unauthorized disclosure to the general public of the personal data of at least 509 target persons, the operator’s customers, through their publication by the company’s administrator on a certain Internet page,” the message reads.
It was also established that the operator did not inform the interested parties about this violation of the security of personal data, thereby violating the provisions of Art. 34 GDPR.
Information stored through cookies without user consent
At the same time, it was established that the company Sudrezidencial Broker SRL stored information (cookie modules that were not technically necessary for the operation of the operator’s website) without obtaining the consent of users, individuals, as well as without providing them with clear and complete information in accordance with Art. 12 – 14 GDPR, violating the provisions of Art. 4 para. (5) from Law No. 506/2004 on processing of personal data and protection of private life in the sector of electronic communications, as amended.
A fine of 10,000 euros
Sudrezidencial Broker SRL was thus fined as follows:
- a fine in the amount of 49,418 lei, which is equivalent to 10,000 EUR, for violating the provisions of Art. 32 par. (4) with the GDPR;
- warning for violation of the provisions of Art. 34 GDPR;
- warning for violation of the provisions of Art. 4 para. (5) from Law No. 506/2004
Sud Rezidential Broker (www.credit24h.ro) is the financial division of the Sud Rezidental Group and has partnerships with most of the important banks in Romania, through which credit solutions are offered in the shortest possible time to buyers interested in purchasing a new home. apartment .
Photo source: One Photo | Dreamstime.com
Source: Hot News
Mary Robinson is a renowned journalist in the field of Automobile. She currently works as a writer at 247 news reel. With a keen eye for detail and a passion for all things Automotive, Mary’s writing provides readers with in-depth analysis and unique perspectives on the latest developments in the field.