Bank
€500($540 USD)final
Date Issued
2019-01-17
Regulation
Authority
Bulgarian Commission for Personal Data Protection (KZLD)
Country
Bulgaria
Violation Type
Non-compliance with lawful basis for data processing
Currency
EUR
Violation Summary
The bank unlawfully came into possession of personal data related to a student.
Articles Violated
Art. 6 GDPRArt. 5 (1) a) GDPR
Other Fines for Bank
| Date | Regulation | Amount (USD) | Type |
|---|---|---|---|
| 2022-10-05 | GDPR | $78,300 | Failure to comply with data processing principles |
| 2022-01-01 | GDPR | -- | Failure to implement sufficient measures to ensure information security |
| 2021-12-16 | GDPR | $81,000 | Insufficient involvement of data protection officer |
| 2021-10-26 | GDPR | $410 | Non-compliance with lawful basis for data processing |
| 2020-08-05 | GDPR | $108 | Non-compliance with lawful basis for data processing |
| 2020-03-26 | GDPR | $3,121 | Non-compliance with lawful basis for data processing |
| 2020-01-01 | GDPR | -- | The bank made it mandatory for customers to provide a copy of their IDs when opening an account. This was unlawful. |
| 2019-01-17 | GDPR | $540 | Non-compliance with lawful basis for data processing |
| 2018-05-12 | GDPR | $540 | Non-compliance with lawful basis for data processing |
| 2018-05-12 | GDPR | $540 | Non-compliance with lawful basis for data processing |