Arte del Vivere S.r.l. – €5,000 Fine (Italy, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Arte del Vivere S.r.l. failed to delete a person's personal data from their website after multiple requests. The Italian data protection authority found that the company did not comply with GDPR rules on data deletion. This case highlights the importance of responding to user requests for data removal.
What happened
Arte del Vivere S.r.l. did not delete a person's personal data from their website despite repeated requests.
Who was affected
A person whose contact details were published on the website www.mondoshiatsu.com was affected.
What the authority found
The Garante ruled that Arte del Vivere did not comply with GDPR requirements for deleting personal data upon request.
Why this matters
This ruling emphasizes that companies must take user requests seriously and ensure they can effectively manage personal data. It serves as a reminder for businesses to have clear processes for handling data deletion requests.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
A data subject filed a complaint with the Italian DPA (Garante per la Protezione dei Dati Personali – Garante) due to the publication of his personal data on www.mondoshiatsu.com, a website which shows the contact details of various certified shiatsu massage practitioners. The data subject stated that he was automatically inserted into this portal after having attended an annual training course in this discipline in 2003. Due to the amount of time that had passed since then, and the fact that he never became an actual practitioner, he made numerous requests via telephone and email in order to delete his data, which were not responded. The Garante initiated an investigation, and determined that the company responsible for the publication of the website was Arte del Vivere S.r.l. The Garante then made a request for information related to the company’s failure to respond to the data subject’s request for deletion of his personal data. The Garante was initially unable to notify this request, and had to employ the Finance Police in order to successfully do so. When the company eventually replied, its director stated that they were not the owners of the domain, and had delegated the maintenance of the website to a third party processor. However, the company argued that the website could not be updated because the processor no longer had the credentials to do so. The Garante noted that the contents of the website clearly attribute it to Arte del Vivere, and that as a beneficiary of this website, the company should have contractual or accounting documentation related to the web hosting service. The company was then eventually able to delete the entire website, which had not been updated since 2014, by reporting the issue to the website’s net service host. The Garante stated that Arte del Vivere, as a data controller, proved to be completely unable to guarantee compliance with GDPR and the data subject’s deletion request. The Garante also noted that the company showed a t
Related Enforcement Actions (0)
No other enforcement actions found for Arte del Vivere S.r.l. in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
10 February 2022
Authority
Garante per la protezione dei dati personali
Fine Amount
€5,000
About this data
Cite as: Cookie Fines. Arte del Vivere S.r.l. - Italy (2022). Retrieved from cookiefines.eu
Last updated: