Raiffeisen Bank SA

€150K($162K USD)final

Date Issued

2019-10-09

Regulation

GDPR

Authority

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

Country

Romania

Violation Type

Failure to implement sufficient measures to ensure information security

Currency

EUR

Violation Summary

Raiffeisen Bank Romania did not observe the necessary security measures required by the GDPR when it assessed the scores of individuals on the WhatsApp platform. The personal data was exchanged via WhatsApp.

Articles Violated

Art. 32 GDPR

View Source Document →

Other Fines for Raiffeisen Bank SA

Date	Regulation	Amount (USD)	Type
2022-11-16	GDPR	$30,240	Failure to implement sufficient measures to ensure information security
2019-10-09	GDPR	$162,000	Failure to implement sufficient measures to ensure information security