Vodafone España, SAU

€100,000

Insufficient technical and organisational measures to ensure information security

Fecha de la decisión

25 de mayo de 2021

Autoridad

Spanish Data Protection Authority (aepd)

ES

Sector

Media, Telecoms and Broadcasting

País

ES

Ley

GDPR

Estado

FINAL

Descripción

The Spanish DPA (AEPD) has imposed a fine of EUR 100,000 on Vodafone España, S.A.U.. A data subject had filed a complaint with the Spanish DPA against the telecommunications company. According to the complaint, the data subject had received an advertising call from a company, which was made on behalf of Vodafone España, S.A.U., although the data subject was registered in the Robinson advertising exclusion list. According to Vodafone's commissioned processor, the advertising call to the data subject had occurred due to an error in the call number filtering system. In the course of its investigation, the DPA found that Vodafone had not established any measures to avoid advertising calls to numbers on the Robinson list. In the present case, Vodafone had not even been aware that the number of the data subject was on the Robinson list, which meant that it was not blocked for the commissioned company.

Citas legales

Art. 28

Problemas e infracciones

Insufficient technical and organisational measures to ensure information security
Ver documento oficial
Volver a la base de datos de multas
Multa anterior
Spanish Data Protection Authority (aepd) - Managin...
Siguiente multa
Data Protection Authority of Hamburg (HmbBfDI) - C...

Manténgase al día sobre la aplicación de las normas de protección de la intimidad

Respetamos su intimidad. Un correo electrónico al mes, sin spam, darse de baja en cualquier momento.