Image for article type news
News

Italy: Garante fines OMNIA24 €100,000 for multiple GDPR violations

January 12, 2022
Summary

The Italian data protection authority, Garante, fined OMNIA24 €100,000 for GDPR violations following a complaint about unauthorized promotional SMS. OMNIA24 failed to clarify data processing responsibilities with La Duomo, the marketing service provider, and did not demonstrate compliance with GDPR's principles of lawfulness, fairness, and transparency. The company also failed to provide proof of consent for marketing, leading to the conclusion that promotional messages were sent without consent. Aggravating factors included lack of oversight and non-cooperation with Garante, while mitigating factors were the absence of previous violations. Garante prohibited further processing without consent, ordered measures to regulate relationships with processing entities, and demanded facilitation of data subjects' rights.

The Italian data protection authority ('Garante') issued, on 2 December 2021, its decision in case No. 424, in which it imposed a fine of €100,000 to OMNIA24 srl, for violations of Article 5(1)(a), 5(2), 6(1)(a), 12, 13, 14, 15, 24, and 28 of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR') and Article 130 of the Personal Data Protection Code, Containing Provisions to Adapt the National Legislation to General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR') ('the Code'), following a complaint submitted by an individual, and in conjunction with a related decision. Background to the decision In particular, the Garante reported that the complainant, upon

News

Gain access to unlimited articles with 7 day access to all features, no credit card required.

or

Other options: