Business

Raiffeisen Bank and online credit platform fined in RO for incorrect use of personal data

10 October 2019

Like this article? Share it with your friends!

Facebook
Twitter
Google
Pinterest
Reddit
Email
LinkedIn

Romania’s National Supervisory Authority for Personal Data Processing (ANSPDCP) has fined Raiffeisen Bank and local online credit platform Vreau Credit with a total amount of EUR 170,000, out of which EUR 150,000 to be paid by Raiffeisen, for a broad range of data confidentiality breaches.

More exactly, Raiffeisen Bank Romania carried scoring assessments based on personal data of people who registered on the Vreau Credit platform, supplied through WhatsApp by the platform’s employees, and then returned the outcome to Vreau Credit using the same communication means.

Personal data of some 1,100 individuals were thus circulated between the two commercial entities.

Raiffeisen Bank carried investigations in the Credit Bureau database (to search for payment incidents of the subjects) and in the tax collection agency database, where a larger amount of information pertaining the subjects can be found.

Furthermore, Raiffeisen employees breached the bank’s regulations when disclosing the negative scoring outcome to Vreau Credit.

The platform was fined for disclosing personal data to Raiffeisen without the clients’ consent, Raiffeisen was fined for running scoring assessments based on personal data and disclosing the results without the consent of subjects and both were found responsible for having used unprotected communication means.

(Photo: Pixabay)

editor@romania-insider.com

Read next
Normal
Business

Raiffeisen Bank and online credit platform fined in RO for incorrect use of personal data

10 October 2019

Like this article? Share it with your friends!

Facebook
Twitter
Google
Pinterest
Reddit
Email
LinkedIn

Romania’s National Supervisory Authority for Personal Data Processing (ANSPDCP) has fined Raiffeisen Bank and local online credit platform Vreau Credit with a total amount of EUR 170,000, out of which EUR 150,000 to be paid by Raiffeisen, for a broad range of data confidentiality breaches.

More exactly, Raiffeisen Bank Romania carried scoring assessments based on personal data of people who registered on the Vreau Credit platform, supplied through WhatsApp by the platform’s employees, and then returned the outcome to Vreau Credit using the same communication means.

Personal data of some 1,100 individuals were thus circulated between the two commercial entities.

Raiffeisen Bank carried investigations in the Credit Bureau database (to search for payment incidents of the subjects) and in the tax collection agency database, where a larger amount of information pertaining the subjects can be found.

Furthermore, Raiffeisen employees breached the bank’s regulations when disclosing the negative scoring outcome to Vreau Credit.

The platform was fined for disclosing personal data to Raiffeisen without the clients’ consent, Raiffeisen was fined for running scoring assessments based on personal data and disclosing the results without the consent of subjects and both were found responsible for having used unprotected communication means.

(Photo: Pixabay)

editor@romania-insider.com

Read next
Normal
 

facebooktwitterlinkedin

1

Romania Insider Free Newsletters

Subscribe now

Editor's picks