Network of Agencies and Companies – €850,000 Fine (Italy, 2025)

€850,000Garante per la protezione dei dati personali10 April 2025Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

A network of agencies working for Acea Energia SPA was fined €850,000 for aggressive marketing practices without proper legal grounds. The Italian data protection authority found that these companies did not follow data processing rules. This case shows that businesses must ensure they have valid reasons for using personal data in their marketing efforts.

What happened

The network of agencies was fined for lacking sufficient legal basis for their data processing during customer recovery calls.

Who was affected

Individuals who received aggressive marketing and recovery calls from the network of agencies.

What the authority found

The authority ruled that the network violated multiple GDPR principles related to data processing and consent.

Why this matters

This ruling serves as a warning to businesses about the importance of compliance with data protection rules, particularly in aggressive marketing practices.

GDPR Articles Cited

AI-verified

Art. 6(GDPR)
Art. 7(GDPR)
Art. 13(GDPR)
Art. 28(GDPR)
Art. 29(GDPR)
Art. 31(GDPR)
Art. 32(GDPR)
Art. 5(1) GDPR
Art. 58(1)(a) GDPR
View original scraped data
Art. 5(1) GDPR
(2) GDPR
Art. 6 GDPR
Art. 7 GDPR
Art. 13 GDPR
Art. 28 GDPR
Art. 29 GDPR
Art. 31 GDPR
Art. 32 GDPR
Art. 58(1)(a) GDPR

Original data from scraper before AI verification against source document.

Source verified 5 March 2026
national law identified
entity split needed
Italy enforcementGarante per la protezione dei dati personali actionsAll Network of Agencies and Companies actions
Full Legal Summary
Detailed

The Italian DPA imposed a fine of EUR 850,000 on a network of agencies and companies. The network operated on behalf of Acea Energia S.p.A. and engaged in aggresive customer recovery and marketing calls, ETid-2660. The agencies and companies had no sufficient legal basis for the data processing and also failed to comply with other general data processing principles. The severety of the infirngiments vary in between the different agencies and companies. Following individual fines had been imposed: Ms. Stefanelli Federica has been fined with a sum of EUR 45,000. M.G. Company s.r.l had been fined with a sum of EUR 200,000. Fer-Energy s.r.l. had been fined with a sum of EUR 500,000. Fer-Energy Call s.r.l. had been findes with a sum of EUR 75,000. Diemme Group di Di Vico Luigi had been fined with a sum of EUR 30,000.

Related Enforcement Actions (0)

No other enforcement actions found for Network of Agencies and Companies in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

10 April 2025

Authority

Garante per la protezione dei dati personali

Fine Amount

€850,000

Enforcement Tracker ID

ETid-2661

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Network of Agencies and Companies - Italy (2025). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: