ING pays Spanish GDPR fine for requiring clients’ social security data access

( April 30, 2025, 07:29 GMT | Official Statement) -- MLex Summary: ING Bank has paid a fine of 1.6 million euros imposed by the Spanish Data Protection Agency, for requiring customers to authorize access to their employment data from the Social Security Treasury in order to open certain accounts. A customer had filed a complaint arguing that this violated privacy rights, the watchdog said. ING claimed the checks were needed to prevent money laundering, based on legal obligations, but the agency found the consent method was unclear and not freely given, and thus breached the EU's General Data Protection Regulation. The initial fine amounted to 2 million euros, which was reduced after the bank agreed to make a voluntary payment.The decision is attached in Spanish. ...

Prepare for tomorrow’s regulatory change, today

MLex identifies risk to business wherever it emerges, with specialist reporters across the globe providing exclusive news and deep-dive analysis on the proposals, probes, enforcement actions and rulings that matter to your organization and clients, now and in the longer term.

Know what others in the room don’t, with features including:

Daily newsletters for Antitrust, M&A, Trade, Data Privacy & Security, Technology, AI and more
Custom alerts on specific filters including geographies, industries, topics and companies to suit your practice needs
Predictive analysis from expert journalists across North America, the UK and Europe, Latin America and Asia-Pacific
Curated case files bringing together news, analysis and source documents in a single timeline

Experience MLex today with a 14-day free trial.

Start Free Trial

Already a subscriber? Click here to login

ING pays Spanish GDPR fine for requiring clients’ social security data access

Prepare for tomorrow’s regulatory change, today

Documents

Related Sections