Aimon Srl – €200,000 Fine (Italy, 2021)

€200,000Garante per la protezione dei dati personali25 November 2021Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Italian Data Protection Authority fined Aimon Srl EUR 200,000 for sending unsolicited SMS ads using unlawfully obtained data. Aimon contracted other providers who used unverified lists from foreign companies. This case stresses the need for companies to verify the legality of data sources before use.

What happened

Aimon Srl was fined for sending unsolicited SMS ads using data from unverified and illegal sources.

Who was affected

Individuals who received unsolicited SMS advertising from Aimon Srl.

What the authority found

The authority found that Aimon processed personal data unlawfully by using unverified lists, violating GDPR requirements.

Why this matters

This ruling serves as a warning for companies to ensure their data sources are legitimate and verified. It highlights the risks of using third-party data without proper due diligence, reinforcing the importance of compliance with data protection laws.

GDPR Articles Cited

AI-verified

Art. 12 GDPR
Art. 21 GDPR
Art. 5(1)(a) GDPR
Art. 6(1)(a) GDPR
View original scraped data
Art. 5(1)(a) GDPR
Art. 6(1)(a) GDPR
Art. 12 GDPR
Art. 21 GDPR

Original data from scraper before AI verification against source document.

National Law Articles

AI-identified

Art. 122 Codice Privacy
Source verified 6 March 2026
national law identified
Italy enforcementGarante per la protezione dei dati personali actionsAll Aimon Srl actions
Full Legal Summary
Detailed

The Italian DPA has imposed a fine of EUR 200,000 on Aimon Srl. Two data subjects had complained about unsolicited SMS advertising from B&T S.p.A. to the DPA. In the course of the investigation, Garante discovered that B&T had contracted Aimon to send promotional SMS messages to potential customers. Aimon then contracted other providers, which in turn had purchased their databases from third parties. As it turned out, the other providers had obtained the data of the contacted individuals from unverified and illegal lists of foreign companies, some of whose information came from registrations on information portals or online gambling. The DPA found that Aimon had thus processed the data unlawfully.

Related Enforcement Actions (0)

No other enforcement actions found for Aimon Srl in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

25 November 2021

Authority

Garante per la protezione dei dati personali

Fine Amount

€200,000

Enforcement Tracker ID

ETid-1027

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Aimon Srl - Italy (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: