Greece
Piraeus Bank
210,000 €
GDPR enforcement action by Hellenic Data Protection Authority (HDPA) on 2023-06-12.
Rank · Sector
#57
of 322 in Finance, Insurance and Consulting
Rank · Greece
#7
of 93
Rank · All fines
#338
of 3,050
Case details
- Authority
- Hellenic Data Protection Authority (HDPA)
- Date
- 2023-06-12
- Controller / Processor
- Piraeus Bank
- Sector
- Finance, Insurance and Consulting
- Quoted Articles
- Art. 5 (1) a) GDPR, Art. 6 GDPR, Art. 15 (1) GDPR, Art. 25 (1) GDPR
- Type of violation
- Non-compliance with general data processing principles
Summary
The Hellenic DPA has imposed a fine of EUR 210,000 on Piraeus Bank. During its investigation, the DPA found that the bank had processed personal data of customers in violation of the principle of lawfulness. In addition, the DPA found that the bank had processed personal data without taking appropriate and effective technical and organizational measures to process only the data necessary for the specific purpose. Finally, the DPA found that the bank had failed to properly comply with a data subject's request for access to their personal data.
Open original source
Links to the regulator's original publication or another source.
Related fines
Greece
2022-07-13
20,000,000 €
ETid-1268
Clearview Al Inc.
Industry and Commerce
Greece
2022-01-27
6,000,000 €
ETid-1024
Cosmote Mobile Telecommunications S.A.
Media, Telecoms and Broadcasting
Greece
2022-01-27
3,200,000 €
ETid-1025
OTE Group
Media, Telecoms and Broadcasting
Greece
2024-02-28
2,995,140 €
ETid-2284
Hellenic Post (ΕΛΛΗΝΙΚΑ ΤΑΧΥΔΡΟΜΕΙΑ ΑΝΩΝΥΜΗ ΕΤΑΙΡΕΙΑ)
Transportation and Energy
Greece
2025-06-25
550,000 €
ETid-2878
Vodafone – PANAFON A.E.E.T.
Media, Telecoms and Broadcasting
Greece
2024-05-27
400,000 €
ETid-2556
Ministry of Interior (Greece)
Public Sector and Education