PIRAEUS BANK S.A. – €20,000 Fine (Greece, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Hellenic Data Protection Authority fined PIRAEUS BANK EUR 20,000 for not informing customers about storing their last 10 card transactions on the card chip. This information could be accessed without the customers' knowledge, violating GDPR rules. Banks should be transparent about how they handle transaction data.
What happened
PIRAEUS BANK stored the last 10 card transactions on the card chip without informing customers.
Who was affected
Customers using debit or credit cards issued by PIRAEUS BANK.
What the authority found
The Hellenic DPA found that PIRAEUS BANK violated GDPR by not informing customers about the storage of transaction data on card chips.
Why this matters
This fine emphasizes the importance of transparency in how banks handle customer data. Financial institutions must clearly communicate data practices to comply with GDPR.
GDPR Articles Cited
The Hellenic DPA has imposed a fine of EUR 20,000 on PIRAEUS BANK S.A.. In the context of the use of certain debit/credit cards, information of the last 10 transactions were stored on the chip of the card without the customers' explicit consent. This information could be read out later. The DPA found that the bank had failed to inform affected customers about this storage of transaction information and therefore violated Art. 13 GDPR.
Related Enforcement Actions (0)
No other enforcement actions found for PIRAEUS BANK S.A. in GR
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
3 October 2022
Authority
Hellenic Data Protection Authority
Fine Amount
€20,000
Enforcement Tracker ID
ETid-1457
About this data
Cite as: Cookie Fines. PIRAEUS BANK S.A. - Greece (2022). Retrieved from cookiefines.eu
Last updated: