A firm in Lithuania has become the first to be fined by the fintech hub for reaping too much customer data while carrying out payment initiation, highlighting the risk of collision between data-intensive business models and the EU’s thick privacy rulebook.
Late last week, the Lithuanian State Data Inspectorate imposed a €61,500 fine on MisterTango, a payment initiation service provider (PISP), for collecting data that the regulator considered “excessive”.
The company was deemed to be in violation of the EU’s General Data Protection Regulation (GDPR).
Request a Free Trial
As a trusted source of regulatory intelligence for the global payments industry, we enable organisations to manage the growing volume and velocity of regulatory risk with confidence, empowering more informed and effective decision making, in an efficient and cost-effective way.Take a Trial