Banca Comercială Română SA – €5,000 Fine (Romania, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Romania's data protection authority fined Banca Comercială Română SA for not securing customer ID documents shared via WhatsApp. This case is important because it highlights the risks of using unsecured communication channels for sensitive data. Businesses should ensure secure methods for data transmission to comply with GDPR.
What happened
Banca Comercială Română SA failed to secure the collection and transmission of customer ID documents via WhatsApp.
Who was affected
Customers whose identification documents were shared via WhatsApp by Banca Comercială Română SA were affected.
What the authority found
The authority found that Banca Comercială Română SA did not implement adequate security measures, violating Article 32 of the GDPR.
Why this matters
This case emphasizes the importance of using secure channels for transmitting sensitive information. It serves as a warning to businesses about the potential risks and penalties of inadequate data security practices.
GDPR Articles Cited
The data protection authority finds that the company has not taken adequate technical and organisational measures to ensure an adequate level of information security. This applies in particular to the collection and transmission of copies of customers' identification documents via WhatsApp.
Related Enforcement Actions (1)
Other enforcement actions involving Banca Comercială Română SA in RO
Details
Fine Date
5 May 2020
Authority
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal
Fine Amount
€5,000
Enforcement Tracker ID
ETid-275
About this data
Cite as: Cookie Fines. Banca Comercială Română SA - Romania (2020). Retrieved from cookiefines.eu
Last updated: