ORANGE BANK, S.A. SUCURSAL EN ESPAÑA – €200,000 Fine (Spain, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Spanish DPA (AEPD) has imposed a fine of EUR 200,000 on ORANGE BANK, S.A. SUCURSAL EN ESPAÑA. The AEPD reacted to multiple complaints of private individuals regarding a data leak. ORANGE BANK (the controller) used a data processor for the processing of personal data. ORANGE BANK was unable to ensure that necessary technical and organizational measures had been taken, resulting in the infringement of Art. 5 (1) f) GDPR. Additionally, the AEPD decided that the present infringement is particularly serious, due to the fact, that ORANGE BANK processes large amounts of data resulting in an increased demand towards the internal processes regarding data protection and security. Lastly the AEPD ordered ORANGE BANK to bring their processes into compliance with the GDPR within 6 months after the decision becomes final and enforceable.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
The Spanish DPA (AEPD) has imposed a fine of EUR 200,000 on ORANGE BANK, S.A. SUCURSAL EN ESPAÑA. The AEPD reacted to multiple complaints of private individuals regarding a data leak. ORANGE BANK (the controller) used a data processor for the processing of personal data. ORANGE BANK was unable to ensure that necessary technical and organizational measures had been taken, resulting in the infringement of Art. 5 (1) f) GDPR. Additionally, the AEPD decided that the present infringement is particularly serious, due to the fact, that ORANGE BANK processes large amounts of data resulting in an increased demand towards the internal processes regarding data protection and security. Lastly the AEPD ordered ORANGE BANK to bring their processes into compliance with the GDPR within 6 months after the decision becomes final and enforceable.
Related Enforcement Actions (0)
No other enforcement actions found for ORANGE BANK, S.A. SUCURSAL EN ESPAÑA in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
14 February 2025
Authority
Agencia Española de Protección de Datos
Fine Amount
€200,000
Enforcement Tracker ID
ETid-2585
About this data
Cite as: Cookie Fines. ORANGE BANK, S.A. SUCURSAL EN ESPAÑA - Spain (2025). Retrieved from cookiefines.eu
Last updated: