N26

€50K($54K USD)final

Date Issued

2019-03-01

Regulation

GDPR

Authority

Data Protection Authority of Berlin

Country

Germany

Violation Type

Non-compliance with lawful basis for data processing

Currency

EUR

Violation Summary

A bank had retained the personal data of former customers in order to create a blacklist. Apparently, they wanted to prevent those customers from opening up new accounts at their bank because they were suspected of money laundering. While the bank wanted to hand-wave away this unlawful act by appealing to the German Banking Act, the Berlin Supervisory Authority found this to be illegal.

Articles Violated

Art. 6 GDPR

View Source Document →

Other Fines for N26

Date	Regulation	Amount (USD)	Type
2019-03-01	GDPR	$54,000	Non-compliance with lawful basis for data processing