100 EUR GDPR Fine for Bank Branch
A customer wanted to exchange € 100 for Turkish Lira at a bank branch. The employee asked for a proof of identity according to § 5 Z2 Federal Law to Prevent Money Laundering and Terrorist Financing, as required in the financial market. Therefore, he made a copy of the customers driver’s license. However, this measure is only appropriate for amounts of € 1000.00 or more. Thus, the data subjects right for protection of personal data is to be prioritized and the processing to be regarded as unlawful. There was a GDPR fine of 100 EUR imposed.
Type of Issue:
Illegal data collection
Number of involved data records:
Special category of data involved:
Violation of GDPR Paragraph:
6. Lawfulness of processing