Romania
Specific Romanian regulations In order to ensure an increased level of security in employer-employee relations, Romanian legislation has also introduced the obligation that where monitoring systems are used by means of electronic communications and/or by means of video surveillance at the workplace, the processing of employees' personal data, for the purpose of achieving the legitimate interests pursued by the employer, is allowed only if the duration of storage of personal data is proportionate to the purpose of the processing, but not for more than 30 days, except in situations expressly regulated by law or in duly justified cases. So, if the employer wants to carry out surveillance by video or electronic means it must delete the stored data after a maximum of 30 days from the date of storage. 5.5. Disclosure, sharing and transfer of data As per GDPR. 5.6. Cross border transfer of data As per GDPR. 5.7. Redressal of grievances As per GDPR. Specific Romanian regulations Any data subject who believes that the processing of their personal data violates the applicable legal provisions has the right to lodge a complaint. This applies particularly if the alleged breach occurs within
Romania or affects the data subject's habitual residence or place of work. Complaints must be submitted in writing, either in Romanian or English, and sent to the supervisory authority. The supervisory authority shall inform the data subject of the admissibility of the complaint within 45 days of registration at the latest. If the authority finds that the information in the complaint is incomplete or insufficient, it may request the data subject to provide additional details for the complaint to be considered admissible for investigation. The National Supervisory Authority is then obligated to update the data subject on the progress or outcome of the investigation within 3 months from the date of informing the complainant that the complaint is admissible. In addition to filing a complaint with the supervisory authority, data subjects also have the right to address their complaint directly to the competent court to defend their rights as guaranteed by applicable law. Where a legal claim has been brought with the same subject matter and same parties, the supervisory authority may order the suspension of, and/or close, the complaint, as appropriate. The data subject will have to inform the Authority, via a complaint form, of the lodging of such a complaint with the court.
www.peterkapartners.com/e n/local/bucharest/
Made with FlippingBook - PDF hosting