ING Bank N.V.
Não disponível
Insufficient technical and organisational measures to ensure information security
Data da decisão
28 de novembro de 2019
Autoridade
Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)
RO
Setor
Finance, Insurance and Consulting
País
RO
Lei
GDPRStatus
FINALDescrição
Original Fine Summary: ING Bank has not taken appropriate technical and organisational measures for an automated data processing system during the settlement process of card transactions affecting 225,525 customers, resulting in double transactions being executed between 8 and 10 October. Update: The Bucharest Court of Appeal overturned the fine of EUR 80,000.
Citações legais
Art. 32
Problemas e violações
Insufficient technical and organisational measures to ensure information security