NATIONAL BANK OF GREECE S.A. – €20,000 Fine (Greece, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Hellenic Data Protection Authority fined the National Bank of Greece €20,000 for not informing customers that their last 10 card transactions were stored on their card's chip. This information could be accessed without their knowledge. This case stresses the importance of transparency in how companies handle customer data.
What happened
The bank stored customers' last 10 card transactions on the card chip without informing them.
Who was affected
Customers of the National Bank of Greece who used certain debit/credit cards.
What the authority found
The authority found the bank violated GDPR by not informing customers about the storage of transaction data.
Why this matters
This ruling highlights the necessity for businesses to be transparent about data practices, reinforcing the importance of informing customers about how their data is used.
GDPR Articles Cited
The Hellenic DPA has imposed a fine of EUR 20,000 on NATIONAL BANK OF GREECE S.A.. In the context of the use of certain debit/credit cards, information of the last 10 transactions were stored on the chip of the card without the customers' explicit consent. This information could be read out later. The DPA found that the bank had failed to inform affected customers about this storage of transaction information and therefore violated Art. 13 GDPR.
Related Enforcement Actions (0)
No other enforcement actions found for NATIONAL BANK OF GREECE S.A. in GR
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
3 October 2022
Authority
Hellenic Data Protection Authority
Fine Amount
€20,000
Enforcement Tracker ID
ETid-1458
About this data
Cite as: Cookie Fines. NATIONAL BANK OF GREECE S.A. - Greece (2022). Retrieved from cookiefines.eu
Last updated: