Swedish DPA issues a 1.3 million euro fine for using Meta pixel
The Integritetsskyddsmyndigheten (IMY), the Swedish data protection authority (DPA), has issued a fine against Avanza Bank of 15 million Swedish krona (approximately 1.3 million euros) for transferring personal data of customers to Meta.
According to the Swedish DPA, Avanza used the so-called Meta pixel on its website and app to analyze the bank’s marketing activities on Facebook. Because the online bank had accidently activated new sub-functions in the Meta pixel, personal information was passed down to Meta.
The personal information contained customers’ securities holding, account numbers, loan amounts and social security numbers.
This happened to one million customers between November 2019 and June 2021.
Avanza states that it deactivated the Meta pixel as soon as it became aware of the incident. The bank stresses that the personal data the Meta Pixel collected has been deleted. The bank also took a look at their internal procedures to ensure personal data is processed correctly and securely.
“The bank has violated the General Data Protection Regulation (GDPR) by failing to take appropriate technical and organizational measures to ensure an appropriate level of security for the personal data of website visitors and app users,” says Catharina Fernquist, unit manager at IMY.
Because of the incident Avanza has to pay a fine of 15 million krona, which translates to roughly 1.3 million euros.
Avanza is a Stockholm-based online bank specialized in savings, investments and pensions. It’s one of the largest stockbrokers in Sweden with over 1.8 million customers and a market share of 6.6 percent of the Swedish savings market. Avanza, which was founded in 1999, has over 650 employees and an annual revenue of over 265 million euros.
Your email address will not be published. Required fields are marked