BANCO BILBAO VIZCAYA ARGENTARIA, S.A – €56,000 Fine (Spain, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Banco Bilbao Vizcaya Argentaria was fined EUR 56,000 for sharing a customer's personal data with their spouse without consent. The fine was initially higher but was reduced after the bank made a voluntary payment. This case highlights the importance of obtaining consent before sharing personal information.
What happened
Banco Bilbao Vizcaya Argentaria disclosed a customer's personal data to their spouse without consent.
Who was affected
The customer whose personal data was shared with their spouse without their permission.
What the authority found
The Spanish DPA fined the bank for breaching GDPR's principles of data confidentiality and security.
Why this matters
This case serves as a warning to businesses about the importance of obtaining explicit consent before sharing personal data, reinforcing GDPR's emphasis on data protection and privacy.
GDPR Articles Cited
The Spanish DPA has imposed a fine on BANCO BILBAO VIZCAYA ARGENTARIA, S.A.. An individual had filed a complaint with the DPA because the controller had disclosed their personal data to their spouse without their consent. The original fine of EUR 70,000 was reduced to EUR 56,000 due to the voluntary payment.
Related Enforcement Actions (0)
No other enforcement actions found for BANCO BILBAO VIZCAYA ARGENTARIA, S.A in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
19 January 2023
Authority
Agencia Española de Protección de Datos
Fine Amount
€56,000
Enforcement Tracker ID
ETid-2249
About this data
Cite as: Cookie Fines. BANCO BILBAO VIZCAYA ARGENTARIA, S.A - Spain (2023). Retrieved from cookiefines.eu
Last updated: