FT Solutions S.r.l.: Non-compliance with general data processing principles

The Italian DPA has imposed a fine of EUR 5,000 on FT Solutions S.r.l. The fined entity had been active in direct marketing activities as a data processor. During these activities, the processor used personal data for this purpose without sufficient legal basis, obtained from a third party that also collected the data in violation of data protection principles. Furthermore, the processor failed to inform data subjects regarding the processing and to implement adequate data protection measures.

GDPR Articles: Art. 5 (1) a), b), d), f), (2) GDPR, Art. 6 (1) a) GDPR, Art. 7 GDPR, Art. 12 (1), (2) GDPR, Art. 13 GDPR, Art. 14 GDPR, Art. 21 (2) GDPR, Art. 24 GDPR, Art. 25 GDPR, Art. 32 GDPR
Industry: Industry and Commerce