Search
Close this search box.
AI-based solution designed to automate personal data discovery and classification
Discover personal data across multiple systems in the cloud or on-premise
Turn data subjects request into an automated workflow with a clear insight into data every step of the way
Collaborate with stakeholders and manage DPIA and LIA in real-time with Assessment Automation
Privacy portal allows customers to communicate their requests and preferences at any time
Introducing end-to end automation of personal data removal

Latest Blog posts

Learn the terms

General Data Protection Regulation

Here you can find the official content of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version. All Articles of the GDPR are linked with suitable recitals.

Latest papers

Italian DPA issued a €12.25 million GDPR fine to Vodafone for aggressive telemarketing

Italian DPA issued €12.25 million GDPR fine to Vodafone

On November 12, 2020, the Italian Data Protection Authority- Garante per la protezione dei dati personal, issued a €12.25 million ($14.5 million) fine to telecommunications company- Vodafone Italia for violation of the General Data Protection Regulation (GDPR).

After receiving hundreds of individual complaints about unsolicited calls from Vodafone, the Garante launched an investigation that uncovered flaws in the customer information storage system along with purchased lists from external providers with personal data of more than 4.5 million individuals gathered without proper consent.

The fine was issued for unlawful processing of personal data of millions of users for telemarketing purposes, violation of the accountability principle, and data protection by design.

As the EDPB stated, “one of the most worrying findings of the investigations was the use of fake telephone numbers or numbers that were not registered with the ROC (National Consolidated Registry of Communication Operators) in order to place the marketing calls. This practice is under Vodafone’s own spotlight and is seemingly related to a shady set of unauthorized call centers that carry out telemarketing activities in utter disregard of personal data protection legislation.”

Vodafone was ordered to implement systems to demonstrate that processing for telemarketing purposes complies with consent requirements, implement stronger security measures, and provide proof that the contracts were activated following telemarketing calls that were placed through their own sales network and with registered numbers.

Finally, Vodafone is banned from further processing data for marketing or commercial purposes where such data are acquired from third parties that have not obtained proper consent.

This is the third-largest fine the Italian Garante issued so far, right after the €27 800 000 issued to Italian telecommunications operator TIM, and €16,700,000 to Wind Tre S.p.A. telecommunication company.

Request a Data Privacy Manager demo

Let us navigate you through the Data Privacy Manager solution and showcase functionalities that will help you overcome your compliance challenges.

Scroll to Top