The Italian Data Protection Authority has disposed the temporary freezing of the personal data processing toward the Society which is managing the app “Mitiga Italia”.
The app was used for the first time on the 19th of May in order to permit the entrance to the final Italian Cup of spectators who have the certification which testify the occurred vaccination, the recovery or the negative status of COVID-19.
The measure was necessary because it has surged the possibility that the app, during the next days, could be used for governing the access to other spectacles or events.
In its provision the Authority has underlined that it does not exist a legal valid basis for the personal data processing, also those data particularly sensitive, like those one of health nature, carried out by app and aimed to ensure the situation “COVID- free” of who is participant to sport events as like public manifestations or premises open to the public.
The company Mitiga, finally, having, on the 1st of April, submitted to the Authority the application, should still abstain from any processing of data not having run the time required by the Regulations for the assumption of a decision by the same Authority.
The blockage shall take effect immediately and shall continue for as long as is necessary to allow the Authority to define the investigation initiated.
SOURCE: AUTORITA’ PER LA PROTEZIONE DEI DATI DELL’ITALIA – GPDP