A bank was the first recipient of a fine in Romania for irregularities in applying the European Data Protection Regulation (GDPR). The data protection authority in the country applied Unicredit Bank a fine amounting to EUR130,000 following an investigation that showed the bank revealed personal data of payers in transaction documents which were made available online to payment beneficiaries.
- UPDATE Contacted by HotNews.ro, the bank said it was informed about the data protection authority decision and that the respective issues have been solved.
The fine announced by national data protection authority ANSPDCP was decided following the conclusion of the investigation in June this year. The inquiry was launched following a notification submitted to the authority in November 2018.
The authority says the irregularities affected some 337,000 people, payers whose ID numbers and addresses were revealed to online transaction beneficiaries.