Vodafone was recently fined €12.5 million, the third-largest fine levied by the Italian Data Protection Authority (“IDPA”) for violations of the General Data Protection Regulation (“GDPR”).
The IDPA investigation began after it received a substantial number of complaints from Italian consumers regarding Vodafone’s sales methods. Upon review, the IDPA found that Vodafone’s customer database had major flaws, with the company securing the personal data records of 4.5 million citizens from third-party providers without their consent. In their response, Vodafone claimed that human error caused the problem, but the IDPA deemed the lack of safety mechanisms and triggers for a company of Vodafone’s size to be substantially negligent.
In addition to the fine, the IDPA is requiring Vodafone to modify its telemarketing approach in Italy, and has prohibited the carrier from processing personal data acquired from third parties without first obtaining consent directly from the consumer. Vodafone is no stranger to GDPR violations, with the Spanish authority fining Vodafone 29 times, and Romania fining them twice in 2020 alone.
Clym believes in striking a balance between legal compliance and business needs, which is why we provide a cost-effective, scalable and flexible platform to comply with LGPD, GDPR, CCPA and other laws, including those in the UK, as they come online. Our platform provides consumers with an effective and easy-to-navigate way to opt-out of data collection while not infringing upon the website UI that businesses rely on to drive revenues. Contact us today about how your company can implement Clym to help manage your data privacy regulation compliance from a global perspective.