Xfera Moviles S.A.

Περιγραφή

The Spanish DPA (AEPD) imposed a fine of EUR 150,000 on Xfera Móviles S.A.. The DPA had received two complaints from a data subject. The first complaint concerned the sending of advertising SMS messages that the data subject received from the controller, although he had objected to this and requested that his data be deleted. According to the data subject, he received over 60 SMS messages within 30 days. The second complaint was filed by the data subject because the controller repeatedly sent him messages containing confidential data of a third party. This concerned the login information of another customer to a company platform. On the portal, it was possible to view personal information as well as invoices, among other things. Although the data subject had informed the company of this, the incorrect mailing did not end. The original fine of EUR 150,000 was reduced to EUR 90,000 due to immediate payment and admission of guilt.