The Guarantor for the protection of personal data has sanctioned Sky Italia srl for numerous violations found during telemarketing activities and sending commercial communications.
The Authority, which intervened following 275 reports relating to the period between 1 April 2022 and 28 March 2023, found that the company carried out marketing activities, by telephone and via SMS, in the absence of adequate checks on the obligations regarding information and consent.
Furthermore, Sky did not consult the registration of the users contacted in the Public Register of Oppositions before each promotional campaign.
The complex investigation revealed that some of the users had been contacted based on consent acquired a long time ago and in some cases before the GDPR came into full effect, without the company verifying their suitability even after the change in the regulatory framework.
The documentation of consents acquired from data supply companies also appeared unsuitable to unequivocally demonstrate the will of the interested parties, as Sky stored the details of the consents in editable Excel files. In some cases, in violation of the law, Sky considered valid a consent that contained, in a single formulation, the distinct purposes of marketing and communication of data to third parties for promotional activities. Furthermore, Sky considered suitable the consent to marketing automatically provided by users during registration on the website and that which was mandatory in order to use the service offered.
By imposing a fine of 842,062 euros, the Guarantor ordered Sky to verify, including through random checks, the lawfulness of the users to be contacted and to adopt adequate measures to contextualise the interested party’s desire to receive promotional telephone calls, recording in the systems the methods and times of acquisition of personal data.
In the absence of specific consent from the interested parties, the Authority has prohibited any further processing for promotional purposes of personal data relating to accounts opened on the NOW platform. Having an account for an on-demand platform does not in fact mean having expressed consent to receiving promotional communications.
https://www.garanteprivacy.it/home/docweb/-/docweb-display/docweb/10076607