Data Protection Newsletter

√     Romanian Data Protection Authority – 2020 overview
√     European Commission launches process on personal data transfers to UK

1.     Romania’s Data Protection Authority – 2020 overview

On 11 February 2021, the Romanian Data Protection Authority published a summary of its activity for 2020. The main points of interests are presented below:

  • 5480 complaints received and 684 investigations commenced,
  • 29 fines applied amounting to RON 982,115 (approximatively EUR 201,666),
  • 2081 data protection officers appointed,
  • 194 data breaches notified,
  • 56 international cooperation procedures managed,
  • 1151 requests received on the interpretation of the GDPR provisions, and
  • 127 court case files managed.

2.     European Commission – two adequacy decisions for the United Kingdom

On 19 February 2021, the European Commission started the process for the adoption of two adequacy decisions in order to easily allow data transfers to the United Kingdom. One adequacy decision envisages the GDPR, while the other one envisaged the Directive (EU) 2016/680 (the Law Enforcement Directive).

The two draft adequacy decisions are the result of a careful assessment made by the European Commission on the UK’s law and practice on personal data protection. If adopted, the adequacy decisions will be valid for a four-year period with the possibility of renewal if the level of protection in the United Kingdom will continue to be adequate.


*This ePublication is provided by Radu Taracila Padurari Retevoescu SCA and is for information purposes only. It does not constitute legal advice or an offer for legal services. The distribution of this document does not create an attorney−client relationship. If you require advice on any of the matters raised in this document, please call your usual contact at Radu Taracila Padurari Retevoescu SCA at +40 31 405 7777.