Penalty against Czech bank.

Penalty against Czech bank.

A Czech banking company was sentenced to a fine of 250,000 Czech crowns (about €9,700) for inadmissible data collection.

The company used biometric data for the signature. This was not neccesaray for the contract.

The supervisory authority also found recordings of telephone calls with customers. These were stored for the entire contract period and a further ten years. The Company also hereby infringed the principles of personal data processing.

In addition to the abovementioned fine, the Bank will also have to pay the procedural costs of CZK 1,000.

Decision data:
01.04.2019

Country:
Czech Republic

Type of Issue:
Illegal data processing

Number of involved data records:
1

Special category of data involved:
Yes

Fine:
€ 9,700,-

Reference:
https://www.bnt.eu/en/news/legal-news/2785-one-year-of-gdpr-taking-stock-of-the-first-fines-and-penalties?layout=bnt:news#:~:text=The%20Czech%20Data%20Protection%20Office,since%20GDPR%20came%20into%20force.&text=The%20highest%20fine%20was%20CZK,it%20should%20have%20had%20erased.