Ergasias S.A โ Dismissed (Greece, 2019)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Greek bank's appeal was dismissed after it challenged a decision about handling data access requests. The bank argued the obligations were too strict, but the authority upheld the original advice. This case emphasizes the importance of timely responses to data access requests.
What happened
Eurobank Ergasias S.A. appealed a decision on how to handle data access requests, but the appeal was dismissed.
Who was affected
Debtors seeking to exercise their rights to access and object to personal data processing were involved.
What the authority found
The authority found no grounds to re-examine the case, upholding the original decision on data access request handling.
Why this matters
This ruling reinforces the need for companies to adhere to guidelines on responding to data access requests promptly. It highlights the importance of balancing compliance with operational feasibility.
GDPR Articles Cited
The Greek bank Eurobank Ergasias S.A. appealed before the HDPA to challenge HDPA's older decision. The appealed decision provided advises on what measures the Bank should have taken to properly respond to a data subject's access request and to guarantee the exercise of the right to object. The Bank claimed that the appealed decision imposed disproportionate obligations on it and on other creditors violating the former national data protection law and the law on the establishment of debtor notification companies. The issue at stake was mainly the determination of the period within which the Bank had to notify the personal data to the data subjects, in order for the debtors to be able to exercise their rights to access and to object. The appealed decision recommended that the Bank provide the debtors with a reasonable period of 10-15 days starting from the notification of the debtors until the Bank distributes their personal data to the debtor notification companies. The HDPA ruled that there is no ground for re-examination of this case. Thus, it rejected the appeal.
Outcome
Dismissed
The complaint or investigation was dismissed.
Related Enforcement Actions (0)
No other enforcement actions found for Ergasias S.A in GR
This is the only recorded action for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Ergasias S.A - Greece (2019). Retrieved from cookiefines.eu
Last updated: