Alpha Bank Romania SA – €1,000 Fine (Romania, 2022)

€1,000Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal29 August 2022Romania
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Alpha Bank Romania SA was fined EUR 1,000 for accidentally sending customer data to the wrong person via WhatsApp. This mistake shows how important it is for companies to have strong data protection measures in place. Businesses should ensure they have proper systems to prevent such errors.

What happened

Alpha Bank Romania SA mistakenly sent personal data to the wrong recipient through WhatsApp.

Who was affected

Four individuals whose personal data, including names and loan details, were sent to the wrong person.

What the authority found

The Romanian DPA found that the bank failed to implement adequate measures to protect personal data, leading to the accidental data breach.

Why this matters

This case highlights the risks of using informal communication channels for sensitive data and the need for robust data protection practices. Companies should review their data handling procedures to prevent similar breaches.

GDPR Articles Cited

Art. 29 GDPR
Art. 32(1)(b) GDPR
Art. 32(2) GDPR
Romania enforcementAutoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal actionsAll Alpha Bank Romania SA actions
Full Legal Summary
Detailed

The Romanian DPA has imposed a fine of EUR 1,000 on Alpha Bank Romania SA. The bank had accidentally sent a document to the wrong recipient via WhatsApp. The document contained personal data of four data subjects, such as first and last names and information on loans and contracts. During its investigation, the DPA found that the bank had failed to implement sufficient technical and organizational measures to protect personal data.

Related Enforcement Actions (0)

No other enforcement actions found for Alpha Bank Romania SA in RO

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

29 August 2022

Authority

Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal

Fine Amount

€1,000

Enforcement Tracker ID

ETid-1377

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Alpha Bank Romania SA - Romania (2022). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: