Bankia S.A.

€50,000

Non-compliance with general data processing principles

Beslissingsdatum

28 augustus 2020

Autoriteit

Spanish Data Protection Authority (aepd)

ES

Sector

Finance, Insurance and Consulting

Land

ES

Wet

GDPR

Status

FINAL

Beschrijving

The bank kept personal data of a data subject for several years, even after the data subject was no longer a customer. The data was also accessible to bank employees during this time. This constituted a violation of the principle of purpose limitation.

Juridische citaten

Art. 5 (1)

Problemen en overtredingen

Non-compliance with general data processing principles
Officieel document bekijken
Terug naar de database met boetes
Vorige boete
Data Protection Authority of Ireland - Cork Univer...
Volgende boete
Data Protection Authority of Hamburg (HmbBfDI) - C...

Blijf op de hoogte van privacybescherming

We respecteren je privacy. Eén e-mail per maand, geen spam, afmelden kan altijd.