Unicredit Bank SA

€130K($140K USD)final

Date Issued

2019-06-27

Regulation

GDPR

Authority

Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

Country

Romania

Violation Type

Failure to implement sufficient measures to ensure information security

Currency

EUR

Violation Summary

The Company was issued a fine because it had failed to provide the necessary security and organization measures in two cases. Firstly, it failed in the appropriate determination of the data processing means. Secondly, it failed in the appropriate implementation of necessary security safeguards, which led to the public disclosure of the personal data of over 337.042 people.

Articles Violated

Art. 25 (1) GDPRArt. 5 (1) c) GDPR
View Source Document →

Related Headlines

Italy privacy watchdog fines Unicredit $3.1 million for data breach - Reuters

Reuters · 3/7/2024

Italy regulator fines Enel unit 79 million euros for telemarketing abuses - Reuters

Reuters · 2/29/2024

Privacy by design — GDPR’s sleeping giant - IAPP

IAPP · 6/15/2020

Other Fines for Unicredit Bank SA

DateRegulationAmount (USD)Type
2019-06-27GDPR$140,400Failure to implement sufficient measures to ensure information security