Italy: Data Protection Authority opened an investigation into Intesa Sanpaolo over alleged violations of General Data Protection Regulation

Data Protection Authority opened an investigation into Intesa Sanpaolo over alleged violations of General Data Protection Regulation

On 16 November 2023, the Italian Data Protection Authority (GPDP) opened an investigation into Intesa Sanpaolo, an Italian banking group, over alleged violations of the General Data Protection Regulation (Regulation (EU) 2016/679, GDPR). The GPDP re…

Scope

Policy Area

Data governance

Policy Instrument

Data protection regulation

Regulated Economic Activity

other service provider

Implementation Level

national

Government Branch

executive

Government Body

data protection authority

Complete timeline of this policy change

Hide details

2023-11-16

under deliberation

On 16 November 2023, the Italian Data Protection Authority (GPDP) opened an investigation into Inte…

2025-01-03

under investigation

On 3 January 2025, the Data Protection Authority (GPDP) notified Intesa Sanpaolo, an Italian bankin…

2026-03-12

in force

On 12 March 2026, the Data Protection Authority (GPDP) imposed a fine of EUR 17.628 million on Inte…

Description

Data Protection Authority opened an investigation into Intesa Sanpaolo over alleged violations of General Data Protection Regulation

Scope

Complete timeline of this policy change