ING Bank N.V. Amsterdam - Bucharest office

€3,000

Insufficient legal basis for data processing

Decision Date

December 30, 2020

Authority

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

RO

Sector

Finance, Insurance and Consulting

Country

RO

Law

GDPR

Status

FINAL

Description

The Romanian DPA (ANSPDCP) fined ING Bank N.V. Amsterdam - Bucharest office in the amount of EUR 3,000. The bank had contacted the data subject by e-mail for the purpose of updating his data. At that time, however, the data subject had already terminated his account with the bank, so that the contractual relationship had been terminated. As a result, the data controller had unlawfully processed personal data of the former customer without his consent such as the e-mail address and the name and of the data subject.

Legal Citations

Art. 5 (1)Art. 6 (1)

Issues & Violations

Insufficient legal basis for data processing
View Official Document
Back to Fines Database
Previous Fine
Romanian National Supervisory Authority for Person...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.