Bankia S.A.

€50,000

Non-compliance with general data processing principles

Otsuse kuupäev

28. august 2020

Ametiasutus

Spanish Data Protection Authority (aepd)

ES

Sektor

Finance, Insurance and Consulting

Riik

ES

Seadus

GDPR

Staatus

FINAL

Kirjeldus

The bank kept personal data of a data subject for several years, even after the data subject was no longer a customer. The data was also accessible to bank employees during this time. This constituted a violation of the principle of purpose limitation.

Õiguslikud viited

Art. 5 (1)

Probleemid ja rikkumised

Non-compliance with general data processing principles
Vaata ametlikku dokumenti
Tagasi trahvide andmebaasi juurde
Eelmine trahv
Data Protection Authority of Ireland - Cork Univer...
Järgmine trahv
Data Protection Authority of Hamburg (HmbBfDI) - C...

Privaatsuse jõustamise kohta ajakohastatud teave

Me austame teie privaatsust. Üks e-kiri kuus, ei ole rämpsposti, loobuda tellimusest igal ajal.