Details:
| Summary | The Spanish DPA (AEPD) has imposed a fine of EUR 100,000 on Vodafone España, S.A.U.. A data subject had filed a complaint with the Spanish DPA against the telecommunications company. According to the complaint, the data subject had received an advertising call from a company, which was made on behalf of Vodafone España, S.A.U., although the data subject was registered in the Robinson advertising exclusion list. According to Vodafone’s commissioned processor, the advertising call to the data subject had occurred due to an error in the call number filtering system. In the course of its investigation, the DPA found that Vodafone had not established any measures to avoid advertising calls to numbers on the Robinson list. In the present case, Vodafone had not even been aware that the number of the data subject was on the Robinson list, which meant that it was not blocked for the commissioned company. |
| Link: | link |
| Related articles: | Art. 28 GDPR |
| Type: | Insufficient technical and organisational measures to ensure information security |
| Fine: | EUR 100,000 |
| Sector | Media, Telecoms and Broadcasting |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/