Bank
€500($540 USD)final
Date Issued
2018-05-12
Regulation
Authority
Bulgarian Commission for Personal Data Protection (KZLD)
Country
Bulgaria
Violation Type
Non-compliance with lawful basis for data processing
Currency
EUR
Violation Summary
The bank was fined 500 EUR for calling a client about the unresolved bills of his neighbor. The client then invoked his right to be forgotten, which the bank ignored at first. Another motion was started, and the client complained to the KZLD. Apparently, the bank hadn’t requested consent from the subject when processing his data.
Articles Violated
Art. 5 (1) b) GDPRArt. 6 GDPR
Other Fines for Bank
| Date | Regulation | Amount (USD) | Type |
|---|---|---|---|
| 2022-10-05 | GDPR | $78,300 | Failure to comply with data processing principles |
| 2022-01-01 | GDPR | -- | Failure to implement sufficient measures to ensure information security |
| 2021-12-16 | GDPR | $81,000 | Insufficient involvement of data protection officer |
| 2021-10-26 | GDPR | $410 | Non-compliance with lawful basis for data processing |
| 2020-08-05 | GDPR | $108 | Non-compliance with lawful basis for data processing |
| 2020-03-26 | GDPR | $3,121 | Non-compliance with lawful basis for data processing |
| 2020-01-01 | GDPR | -- | The bank made it mandatory for customers to provide a copy of their IDs when opening an account. This was unlawful. |
| 2019-01-17 | GDPR | $540 | Non-compliance with lawful basis for data processing |
| 2019-01-17 | GDPR | $540 | Non-compliance with lawful basis for data processing |
| 2018-05-12 | GDPR | $540 | Non-compliance with lawful basis for data processing |