Greece
NATIONAL BANK OF GREECE S.A.
20,000 €
GDPR enforcement action by Hellenic Data Protection Authority (HDPA) on 2022-10-03.
Rank · Sector
#165
of 322 in Finance, Insurance and Consulting
Rank · Greece
#40
of 93
Rank · All fines
#1,067
of 3,050
Case details
- Authority
- Hellenic Data Protection Authority (HDPA)
- Date
- 2022-10-03
- Controller / Processor
- NATIONAL BANK OF GREECE S.A.
- Sector
- Finance, Insurance and Consulting
- Quoted Articles
- Art. 13 GDPR
- Type of violation
- Insufficient fulfilment of information obligations
Summary
The Hellenic DPA has imposed a fine of EUR 20,000 on NATIONAL BANK OF GREECE S.A.. In the context of the use of certain debit/credit cards, information of the last 10 transactions were stored on the chip of the card without the customers' explicit consent. This information could be read out later. The DPA found that the bank had failed to inform affected customers about this storage of transaction information and therefore violated Art. 13 GDPR.
Open original source
Links to the regulator's original publication or another source.
Related fines
Greece
2022-07-13
20,000,000 €
ETid-1268
Clearview Al Inc.
Industry and Commerce
Greece
2022-01-27
6,000,000 €
ETid-1024
Cosmote Mobile Telecommunications S.A.
Media, Telecoms and Broadcasting
Greece
2022-01-27
3,200,000 €
ETid-1025
OTE Group
Media, Telecoms and Broadcasting
Greece
2024-02-28
2,995,140 €
ETid-2284
Hellenic Post (ΕΛΛΗΝΙΚΑ ΤΑΧΥΔΡΟΜΕΙΑ ΑΝΩΝΥΜΗ ΕΤΑΙΡΕΙΑ)
Transportation and Energy
Greece
2025-06-25
550,000 €
ETid-2878
Vodafone – PANAFON A.E.E.T.
Media, Telecoms and Broadcasting
Greece
2024-05-27
400,000 €
ETid-2556
Ministry of Interior (Greece)
Public Sector and Education