Details:
| Summary | The Romanian DPA (ANSPDCP) has fined Banca Comercială Română S.A. EUR 2,000. A data subject had initiated a complaint with the DPA because the controller had used his personal data in the context of an enforcement procedure for debts arising from a credit agreement of which he was unaware. |
| Link: | link |
| Related articles: | Art. 5 (1) a), d), (2) GDPR, Art. 6 GDPR |
| Type: | Insufficient legal basis for data processing |
| Fine: | EUR 2,000 |
| Sector | Finance, Insurance and Consulting |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/