Euro Servizi per i Notai S.r.l. – €5,000 Fine (Italy, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The National Council of Notaries ("the Council") requested the DPA to investigate regarding the proper classification of the relationships between banks and notaries when, in the process of loan stipulation, certain lending banks utilize the services of a third-party company named "Euro Servizi per i Notai S.r.l." ("ESpN") for managing document exchange with notaries through a platform known as PIGNA. PIGNA is a service provided exclusively to banks by ESpN which is a computing service provider. It enabled banks and notaries, who handle tasks related to loan contracts and associated guarantees, to share required documents. This sharing occurred both before and after the contract was signed, except for a copy of the contract in enforceable form. Essentially, PIGNA facilitated the efficient exchange of necessary paperwork between these parties involved in the loan process. Several concerns arose from the situation described. Firstly, the Council recommended an investigation with regards to the roles and responsibilities in the processing of personal data within the PIGNA platform. This includes notaries, banks, and ESpN. The concern revolved around the processing of personal data of borrowers, related third parties (like property sellers), and data concerning the notaries themselves. Secondly, the relationship between PIGNA and individual notaries was unclear since notaries accessed the platform with authentication credentials provided by ESpN. Thirdly, there were issues with the level of information provided to notaries and the sequence of notifications sent by PIGNA. It was highlighted that notaries receive a range of notifications via both the portal and email. In some instances, these notifications arrive unexpectedly, directly from the lending bank selected by the borrower. For instance, they may receive notice granting them authority to issue a mortgage loan, which is not necessarily communicated by the borrower's chosen lending bank. Specifically, certain c
GDPR Articles Cited
Entities Involved
The National Council of Notaries ("the Council") requested the DPA to investigate regarding the proper classification of the relationships between banks and notaries when, in the process of loan stipulation, certain lending banks utilize the services of a third-party company named "Euro Servizi per i Notai S.r.l." ("ESpN") for managing document exchange with notaries through a platform known as PIGNA. PIGNA is a service provided exclusively to banks by ESpN which is a computing service provider. It enabled banks and notaries, who handle tasks related to loan contracts and associated guarantees, to share required documents. This sharing occurred both before and after the contract was signed, except for a copy of the contract in enforceable form. Essentially, PIGNA facilitated the efficient exchange of necessary paperwork between these parties involved in the loan process. Several concerns arose from the situation described. Firstly, the Council recommended an investigation with regards to the roles and responsibilities in the processing of personal data within the PIGNA platform. This includes notaries, banks, and ESpN. The concern revolved around the processing of personal data of borrowers, related third parties (like property sellers), and data concerning the notaries themselves. Secondly, the relationship between PIGNA and individual notaries was unclear since notaries accessed the platform with authentication credentials provided by ESpN. Thirdly, there were issues with the level of information provided to notaries and the sequence of notifications sent by PIGNA. It was highlighted that notaries receive a range of notifications via both the portal and email. In some instances, these notifications arrive unexpectedly, directly from the lending bank selected by the borrower. For instance, they may receive notice granting them authority to issue a mortgage loan, which is not necessarily communicated by the borrower's chosen lending bank. Specifically, certain c
Related Enforcement Actions (0)
No other enforcement actions found for Euro Servizi per i Notai S.r.l. in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
11 January 2024
Authority
Garante per la protezione dei dati personali
Fine Amount
€5,000
GDPRhub ID
gdprhub-7758About this data
Cite as: Cookie Fines. Euro Servizi per i Notai S.r.l. - Italy (2024). Retrieved from cookiefines.eu
Last updated: