Multiple Companies – €18,000 Fine (Italy, 2025)

€18,000Garante per la protezione dei dati personali27 March 2025Italy
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Three gym companies in Italy were fined for using customer phone numbers for marketing without permission. They also ignored requests from customers to delete their information. This case shows that companies must respect privacy rights and get consent before using personal data.

What happened

The Italian DPA fined three gym companies for using customer phone numbers for direct marketing without consent.

Who was affected

Customers of Powerfit, Soleo, and Zero Due Villa gyms whose phone numbers were used for marketing.

What the authority found

The authority ruled that the companies violated GDPR by failing to obtain consent for marketing and not responding to deletion requests.

Why this matters

This case reinforces the importance of obtaining consent for marketing communications. Businesses should ensure they respect customer privacy rights to avoid fines.

GDPR Articles Cited

AI-verified

Art. 13(GDPR)
Art. 5(1)(a) GDPR
Art. 6(1)(a) GDPR
Art. 12(1) GDPR
View original scraped data
Art. 5(1) a) GDPR
b) GDPR
Art. 6(1) a) GDPR
Art. 12(1) GDPR
Art. 13(GDPR)

Original data from scraper before AI verification against source document.

Source verified 13 March 2026
articles corrected
national law identified
entity split needed
Italy enforcementGarante per la protezione dei dati personali actionsAll Multiple Companies actions
Full Legal Summary
Detailed

The Italian DPA imposed fines on 3 companies which ammount to EUR 6,000 each. The fined companies (Powerfit s.s.d.a.r.l., Soleo s.s.d.a.r.l. and Zero Due Villa s.s.d.a.r.l.) run a chain of gyms. The controllers used the phone numbers of customers for direct marketing purposes without the consent of the data subjects. The controllers also failed to respond to respect the data subjects right to deletion.

Related Enforcement Actions (0)

No other enforcement actions found for Multiple Companies in IT

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

27 March 2025

Authority

Garante per la protezione dei dati personali

Fine Amount

€18,000

Enforcement Tracker ID

ETid-2677

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Multiple Companies - Italy (2025). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: