Budapest Bank Zrt. – €634,000 Fine (Hungary, 2022)

€634,000Nemzeti Adatvédelmi és Információszabadság Hatóság8 February 2022Hungary
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Budapest Bank received a EUR 634,000 fine for using AI to assess customers' emotions during calls without proper notification. The bank didn't inform customers about the emotional analysis, violating their rights to know and object. This highlights the need for clear communication about data processing purposes.

What happened

Budapest Bank used AI to evaluate customers' emotions during calls without informing them.

Who was affected

Customers whose emotional states were analyzed by Budapest Bank's AI during phone calls.

What the authority found

The Hungarian DPA fined Budapest Bank for failing to inform customers about the emotional analysis of their calls, violating their rights to be informed and to object.

Why this matters

This ruling stresses the importance of transparency in data processing, especially when using AI for sensitive tasks like emotion analysis. Companies should ensure they clearly communicate the purposes of data processing to customers.

GDPR Articles Cited

AI-verified

Art. 13 GDPR
Art. 14 GDPR
Art. 5(1)(a) GDPR
Art. 6(1) GDPR
Art. 12(1) GDPR
Art. 21(1) GDPR
Art. 24(1) GDPR
Art. 25(1) GDPR
View original scraped data
Art. 5(1)(a) GDPR
b) GDPR
Art. 6(1) GDPR
(4) GDPR
Art. 12(1) GDPR
Art. 13 GDPR
Art. 14 GDPR
Art. 21(1) GDPR
(2) GDPR
Art. 24(1) GDPR
Art. 25(1) GDPR

Original data from scraper before AI verification against source document.

Source verified 5 March 2026
amount discrepancy
Hungary enforcementNemzeti Adatvédelmi és Információszabadság Hatóság actionsAll Budapest Bank Zrt. actions
Full Legal Summary
Detailed

The Hungarian DPA (NAIH) has fined Budapest Bank Zrt. EUR 634,000. NAIH reports that the bank used an artificial intelligence-driven software solution to automate the evaluation of customers' emotional state. The speech evaluation system determined which customers needed to be recalled based on the customer's mood. The bank operated the application to prevent complaints and to keep customers. The bank did not inform the data subjects, that the processing of their data serves, among other things, for customer retention purposes, meaning that customers were not in a position to object to the processing. As a result, the rights of the data subjects regarding adequate information and the right to object were not guaranteed. The DPA also found that the bank's legitimate interest as a legal basis for processing the personal data was not sufficiently substantiated as the bank had not sufficiently examined the interests of the data subjects. The bank thus processed the data without a valid legal basis.

Related Enforcement Actions (1)

Other enforcement actions involving Budapest Bank Zrt. in HU

Fine
Feb 2022· Nemzeti Adatvédelmi és Információszabadság Hatóság

In September 2021, the Hungarian DPA initiated an ex officio investigation against Budapest Bank Zrt. (hereinafter the Bank) related to the use of Art...

€625K
Current
Feb 2022

Fine

€634K

Details

Fine Date

8 February 2022

Authority

Nemzeti Adatvédelmi és Információszabadság Hatóság

Fine Amount

€634,000

Enforcement Tracker ID

ETid-1244

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Budapest Bank Zrt. - Hungary (2022). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: