Bankia S.A.
€50,000
Non-compliance with general data processing principles
Lēmuma datums
2020. gada 28. augusts
Iestāde
Spanish Data Protection Authority (aepd)
ES
Nozare
Finance, Insurance and Consulting
Valsts
ES
Likums
GDPRStatuss
FINALApraksts
The bank kept personal data of a data subject for several years, even after the data subject was no longer a customer. The data was also accessible to bank employees during this time. This constituted a violation of the principle of purpose limitation.
Juridiskās atsauces
Art. 5 (1)
Jautājumi un pārkāpumi
Non-compliance with general data processing principles