REVMA PLUS Retail S.A.: Insufficient technical and organisational measures to ensure information security

The Greek DPA has imposed a fine of EUR 5,000 on REVMA PLUS Retail S.A.. The fined entity is the processor of Thessaloniki–Thessaly Gas Supply Company S.A. (ETid-3016). The processor, a call center involved in direct marketing activities, suffered a technical error in its system that prevented operators from calling data subjects that had not given their consent for direct marketing calls. The processor also failed to inform the controller of the technical error.

GDPR Articles: Art. 32 GDPR
Industry: Media, Telecoms and Broadcasting