Skip to content
Enforcement
EN

ING Bank N.V. Amsterdam - Bucharest office: Insufficient legal basis for data processing

€3,000 fine - Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP)

€3,000 Fine
ING Bank N.V. Amsterdam - Bucharest office
ROMANIA
Insufficient legal basis for data processing

Content

The Romanian DPA (ANSPDCP) fined ING Bank N.V. Amsterdam - Bucharest office in the amount of EUR 3,000. The bank had contacted the data subject by e-mail for the purpose of updating his data. At that time, however, the data subject had already terminated his account with the bank, so that the contractual relationship had been terminated. As a result, the data controller had unlawfully processed personal data of the former customer without his consent such as the e-mail address and the name and of the data subject.

GDPR Articles: Art. 5 (1) a) - d) GDPR, Art. 6 (1) GDPR
Industry: Finance, Insurance and Consulting