NATIONAL BANK OF GREECE S.A.
€20,000
Insufficient fulfilment of information obligations
決定日期
2022年10月3日
權限
Hellenic Data Protection Authority (HDPA)
GR
部門
Finance, Insurance and Consulting
國家
GR
法律
GDPR狀態
FINAL說明
The Hellenic DPA has imposed a fine of EUR 20,000 on NATIONAL BANK OF GREECE S.A.. In the context of the use of certain debit/credit cards, information of the last 10 transactions were stored on the chip of the card without the customers' explicit consent. This information could be read out later. The DPA found that the bank had failed to inform affected customers about this storage of transaction information and therefore violated Art. 13 GDPR.
法律引文
Art. 13
問題與違規
Insufficient fulfilment of information obligations