TIM S.p.A. – €7,631,175 Fine (Italy, 2023)

€7,631,175Garante per la protezione dei dati personali13 April 2023Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

TIM S.p.A. was fined for making unauthorized marketing calls to people who had opted out. This matters because it shows that companies must respect people's choices about their personal data. The case highlights the importance of honoring opt-out lists and responding to customer inquiries about data use.

What happened

TIM S.p.A. contacted individuals for marketing purposes without their consent, even when they were on opt-out lists.

Who was affected

Individuals who received unauthorized marketing calls from TIM S.p.A., despite being on opt-out lists or not giving consent.

What the authority found

The Italian DPA found that TIM S.p.A. violated GDPR by conducting unauthorized telemarketing and failing to respond adequately to data inquiries.

Why this matters

This case underscores the importance of respecting consumer privacy choices and maintaining robust data protection practices. Companies should ensure they have proper consent for marketing activities and address data-related inquiries promptly.

GDPR Articles Cited

AI-verified

Art. 6 GDPR
Art. 7 GDPR
Art. 13 GDPR
Art. 14 GDPR
Art. 5(2) GDPR
Art. 12(2) GDPR
Art. 15(1) GDPR
Art. 32(1)(b) GDPR
View original scraped data
Art. 5(2) GDPR
Art. 6 GDPR
Art. 7 GDPR
Art. 12(2) GDPR
(3) GDPR
Art. 13 GDPR
Art. 14 GDPR
Art. 15(1) GDPR
Art. 32(1)(b) GDPR

Original data from scraper before AI verification against source document.

Source verified 4 March 2026
articles corrected
entity split needed
Italy enforcementGarante per la protezione dei dati personali actionsAll TIM S.p.A. actions
Full Legal Summary
Detailed

The Italian DPA has fined TIM S.p.A. EUR 7,631,175. The DPA had received numerous complaints about the telecommunications provider, mainly for unauthorized telemarketing activities. The Italian DPA is currently taking stronger action against unauthorized telemarketing. In its investigation against TIM, the DPA found that the controller was contacting individuals for marketing purposes even though they were registered on opt-out lists or had not given their consent for their data to be processed for marketing purposes. In addition, the controller failed to adequately respond to data subject inquiries and to comply with its information obligations under Art. 13, 14 GDPR. . Finally, the DPA found that the controller failed to adequately investigate and address a data breach.

Related Enforcement Actions (2)

Other enforcement actions involving TIM S.p.A. in IT

Fine
Jan 2020· Garante per la protezione dei dati personali

The case focused on unsolicited promotional calls and deficiencies in data subject request responses, not on cookies or consent mechanisms.

€27.8M
Fine
Nov 2021· Garante per la protezione dei dati personali

The Italian DPA (Garante) has fined mobile operator TIM S.p.A. EUR 150,000 for denying a data subject access to his phone data needed to defend himsel...

€150K
Current
Apr 2023

Fine

€7.6M

Details

Fine Date

13 April 2023

Authority

Garante per la protezione dei dati personali

Fine Amount

€7,631,175

Enforcement Tracker ID

ETid-1871

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. TIM S.p.A. - Italy (2023). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: