Banco Bilbao Vizcaya Argentaria S.L. – €48,000 Fine (Spain, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Banco Bilbao Vizcaya Argentaria was fined EUR 48,000 for accidentally sending a customer's account information to someone else. This happened because the bank didn't have strong enough security measures. The case shows that banks must ensure their systems protect customer data.
What happened
Banco Bilbao Vizcaya Argentaria sent a customer's account information to an unauthorized third party.
Who was affected
Customers whose account information was disclosed to unauthorized third parties.
What the authority found
The Spanish DPA found that the bank's inadequate security measures led to unauthorized data disclosure.
Why this matters
This ruling emphasizes the importance of robust security measures in financial institutions to prevent data breaches. Banks should regularly assess and improve their data protection practices.
GDPR Articles Cited
The Spanish DPA has imposed a fine on Banco Bilbao Vizcaya Argentaria, S.A.. An individual had filed a complaint with the DPA due to requesting information on one of their accounts and then receiving contract information from a third party. The DPA found that the unauthorized disclosure of third-party data was due to inadequate technical and organizational measures at the bank. The original fine of EUR 80,000 was reduced to EUR 48,000 due to voluntary payment and admission of responsibility.
Related Enforcement Actions (2)
Other enforcement actions involving Banco Bilbao Vizcaya Argentaria S.L. in ES
Fine
€48K
Details
Fine Date
11 November 2022
Authority
Agencia Española de Protección de Datos
Fine Amount
€48,000
Enforcement Tracker ID
ETid-1490
About this data
Cite as: Cookie Fines. Banco Bilbao Vizcaya Argentaria S.L. - Spain (2022). Retrieved from cookiefines.eu
Last updated: