Danske Bank
€1,300,000
Non-compliance with general data processing principles
Ngày ra quyết định
5 tháng 4, 2022
Thẩm quyền
Danish Data Protection Authority (Datatilsynet)
DK
Ngành
Finance, Insurance and Consulting
Quốc gia
DK
Luật
GDPRTrạng thái
FINALMô tả
The Danish DPA has imposed a fine of EUR 1.3 million on Danske Bank. The DPA had opened an investigation against the bank after it informed the DPA that it had a problem with the deletion of personal data. During the investigation, the DPA found that the bank had failed to document the rules for deletion and storage of personal data in more than 400 systems. Consequently, the bank was unable to prove that such rules, which are required under the GDPR, existed. The DPA considered this to be a breach of the bank's accountability obligation under Art. 5 (2) GDPR.
Trích dẫn pháp lý
Art. 5 (2)
Vấn đề & Vi phạm
Non-compliance with general data processing principles