BRD-Groupe Société Générale S.A. – €2,000 Fine (Romania, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Romanian data protection authority fined BRD-Groupe Société Générale EUR 2,000 for unlawfully sharing a client's personal data. This case shows that even small data breaches can lead to penalties, emphasizing the need for strict data handling practices.
What happened
BRD-Groupe Société Générale unlawfully disclosed personal data of a bank client.
Who was affected
A bank client and other individuals whose personal data was improperly shared.
What the authority found
The Romanian DPA found that the bank violated GDPR by not safeguarding personal data, resulting in unauthorized disclosure.
Why this matters
This fine serves as a reminder that financial institutions must ensure robust data protection measures to prevent unauthorized data sharing. Even minor breaches can result in penalties, stressing the importance of compliance.
GDPR Articles Cited
The Romanian DPA has imposed a fine of EUR 2,000 on BRD-Groupe Société Générale S.A.. The controller had reported a data breach to the DPA. During its investigation, the DPA found that the controller had unlawfully disclosed personal data of a bank client and other individuals.
Related Enforcement Actions (0)
No other enforcement actions found for BRD-Groupe Société Générale S.A. in RO
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
15 June 2023
Authority
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal
Fine Amount
€2,000
Enforcement Tracker ID
ETid-1894
About this data
Cite as: Cookie Fines. BRD-Groupe Société Générale S.A. - Romania (2023). Retrieved from cookiefines.eu
Last updated: