Bankia S.A.
€50,000
Non-compliance with general data processing principles
Data deciziei
28 august 2020
Autoritatea
Spanish Data Protection Authority (aepd)
ES
Sector
Finance, Insurance and Consulting
Țara
ES
Legea
GDPRStatut
FINALDescriere
The bank kept personal data of a data subject for several years, even after the data subject was no longer a customer. The data was also accessible to bank employees during this time. This constituted a violation of the principle of purpose limitation.
Citări juridice
Art. 5 (1)
Probleme și încălcări
Non-compliance with general data processing principles