Unicredit S.p.A. – €70,000 Fine (Italy, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Italian data protection authority fined Unicredit S.p.A. EUR 70,000 for making it too hard for an employee to access their personal data. The bank required a specific form, which the authority found to be an unnecessary barrier. This case emphasizes the need for companies to simplify access to personal data.
What happened
Unicredit S.p.A. required a complicated form for employees to access their personal data.
Who was affected
An employee of Unicredit S.p.A. who wanted to access their personal data.
What the authority found
The authority found that Unicredit's requirement for a specific form was an unreasonable obstacle to accessing personal data.
Why this matters
This ruling stresses the importance of making data access straightforward and accessible. Companies should ensure their processes do not create unnecessary hurdles for individuals exercising their rights.
GDPR Articles Cited
The Italian DPA has fined Unicredit S.p.A. EUR 70,000. An employee had filed a complaint with the DPA claiming that their right to access their personal data had not been sufficiently respected. The company required a specific form to be filled out in order to gain access to personal data. During its investigation, the DPA found that the requirement to fill out the form made it disproportionately difficult to exercise the right of access.
Related Enforcement Actions (1)
Other enforcement actions involving Unicredit S.p.A. in IT
Details
Fine Date
16 June 2022
Authority
Garante per la protezione dei dati personali
Fine Amount
€70,000
Enforcement Tracker ID
ETid-1369
About this data
Cite as: Cookie Fines. Unicredit S.p.A. - Italy (2022). Retrieved from cookiefines.eu
Last updated: