Enforcement action · Garante per la Protezione dei Dati Personali
Garante privacy sanction against Intesa Sanpaolo for customer profiling
Garante privacy sanction against Intesa Sanpaolo for customer profiling is an AI-related enforcement action involving Garante per la Protezione dei Dati Personali. Penalty: monetary_fine of $17628000. Italy's Garante privacy fined Intesa Sanpaolo €17.6 million for profiling 2.4 million customers during a corporate operation, with the bank currently appealing the decision.
Action details
- Agency
- Garante per la Protezione dei Dati Personali
- Jurisdiction
- IT
- Enforcement type
- fine
- Document type
- enforcement action
- Penalty
- $17628000 monetary_fine
- Topic
- data privacy
Summary
The Italian Data Protection Authority (Garante privacy) has imposed a fine of €17.6 million on Intesa Sanpaolo. The sanction relates to the profiling of 2.4 million customers as part of a corporate transaction. Intesa Sanpaolo is currently appealing this decision.
Primary source
https://www.gpdp.it/garante/doc.jsp?ID=10230273 →Related Garante per la Protezione dei Dati Personali actions
- [Garante] COMUNICATO STAMPA - Data breach, Garante privacy sanziona Intesa Sanpaolo per 31,8 milioni di euro. Accessi indebiti alle informazioni bancarie di oltre 3.500 clienti per più di due anni enforcement action 3/30/2026
- [Garante] COMUNICATO STAMPA - Il Garante privacy sanziona Poste Italiane e Postepay per oltre 12,5 milioni di euro enforcement action 4/20/2026
- [Garante] COMUNICATO STAMPA - Garante privacy sanziona Intesa Sanpaolo per 17,6 milioni di euro. 2,4 milioni di clienti profilati nell’ambito di una operazione societaria enforcement action 3/12/2026
Frequently asked questions
- What is Garante privacy sanction against Intesa Sanpaolo for customer profiling?
- The Italian Data Protection Authority (Garante privacy) has imposed a fine of €17.6 million on Intesa Sanpaolo. The sanction relates to the profiling of 2.4 million customers as part of a corporate transaction. Intesa Sanpaolo is currently appealing this decision. Primary source →
- Which agency brought the action?
- Garante per la Protezione dei Dati Personali brought this enforcement action in IT. Primary source →
- What was the penalty?
- The disclosed penalty is a monetary_fine amount of $17628000. Primary source →
- When did the action take effect?
- The most recent activity on this action was published on 3/12/2026. Primary source →
- Where can I find the primary source?
- The primary source for Garante privacy sanction against Intesa Sanpaolo for customer profiling is at https://www.gpdp.it/garante/doc.jsp?ID=10230273. AIGI does not paraphrase secondary commentary — every claim on this page links back to that primary source. Primary source →
Related
Stay informed