National Bank of Greece

€20,000

Insufficient fulfilment of data subjects rights

Decision Date

August 26, 2021

Authority

Hellenic Data Protection Authority (HDPA)

GR

Sector

Finance, Insurance and Consulting

Country

GR

Law

GDPR

Status

FINAL

Description

The Hellenic DPA has imposed a fine of EUR 20,000 on the National Bank of Greece. A data subject had filed a complaint against a company and the bank after they failed to comply with his right to information. After returning a product he had purchased from a company, the data subject had asked the company via Facebook Messenger to inform him about the request to cancel his credit card statements sent electronically to the bank. However, the controller refused to comply, whereupon the data subject asserted the same right with the bank, which, however, did not provide him with a response.

Legal Citations

Art. 12 (1)Art. 15 (1)

Issues & Violations

Insufficient fulfilment of data subjects rights
View Official Document
Back to Fines Database
Previous Fine
Hellenic Data Protection Authority (HDPA) - Dixons...
Next Fine
Data Protection Authority of Hamburg (HmbBfDI) - C...

Stay Updated on Privacy Enforcement

We respect your privacy. One email per month, no spam, unsubscribe anytime.