Bank – €72,500 Fine (Hungary, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Hungarian bank was fined EUR 72,500 for conducting an unauthorized credit check on a customer. The bank performed a second credit check without the customer's request or consent. This case underscores the importance of having a legal basis for processing personal data.
What happened
The bank conducted a second credit check on a customer without a legal basis, as the customer did not request it.
Who was affected
The individual who applied for credit and was subjected to an unauthorized second credit check was affected.
What the authority found
The Hungarian DPA ruled that the bank's second credit check was unlawful due to the lack of a valid legal basis.
Why this matters
This decision highlights the necessity for companies to ensure they have a valid reason for processing personal data, especially in sensitive areas like credit checks. Businesses should review their procedures to avoid similar violations.
GDPR Articles Cited
The Hungarian DPA has imposed a fine of EUR 72,500 on a bank. An individual had filed a complaint with the DPA. The bank had conducted a credit check on the individual based on a credit application. However, the bank later conducted a second credit check, although the individual had not requested a new credit offer. The DPA therefore found that this second credit check was carried out unlawfully due to the lack of a legal basis.
Related Enforcement Actions (2)
Other enforcement actions involving Bank in HU
Fine
€73K
Details
Fine Date
5 October 2022
Authority
Nemzeti Adatvédelmi és Információszabadság Hatóság
Fine Amount
€72,500
Enforcement Tracker ID
ETid-1440
About this data
Cite as: Cookie Fines. Bank - Hungary (2022). Retrieved from cookiefines.eu
Last updated: