GDPR Conformity Proving a Test for Romanian SMEs

July 29, 2018


A survey performed by the National Council of SMEs in Romania (CNIPMMR) has noticed that more than 40% of the firms interrogated had not adopted measures for the application of the GDPR before the May 25 launch date.

The survey which interrogated 210 businesses in order to find how they are presently managing with the new EU law also found that nearly 30% of the respondents had been capable to perform the duties before the deadline on May 25. 42.1% said they had not applied measures for the execution of GDPR as of yet whereas 28.9% said that they were arranging to apply the laws in the near future. CNIPMMR stated that 52.6% of those surveyed were businesses that had between one and nine members of staff.

Legal experts from Bucharest-based law firm Musat & Asociatii said that “The laws are applied in Romania without any additional rule of the local authorities, including on penalties. Apart from the administrative restrictions, any violation of the rights of targeted people generates harms that will have got to be covered by those who created it, which is the data operator or its agent. What matters is the movement of data that is handled, not the dimension of the company itself. In practice, there are conditions in which small firms process a larger volume of data than big firms”.

Remarking on Romanian news website, Business Review, Valentin Radu, CEO of Omniconvert, a start-up offering a real-time web personalization tool said that “If you are like Google or Facebook, you push that approval pop-up chiefly since your users are used to you so they are in the custom of using you over and over again. Obviously, you are going to accept that, although Facebook as a large player is the one that actually misused the confidence of its users, of us, the users in the European Union. So, that chiefly means due to their material, all the small firms are experiencing. Not only are they experiencing now, but they will experience in the future too.”

The conclusions of this survey come after the judicial suggestion for applying GDPR measures in Romania accepted by the Romanian Parliament on 27 June. The law, which has alterations to the initial draft law circulated in 2017 targets to being Romanian law according to GDPR.