Poste Vita S.p.a. – €80,000 Fine (Italy, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Poste Vita S.p.a. was fined for not keeping personal data secure. An employee was tricked into sharing sensitive information, which could harm the person involved. This case highlights the importance of strong security measures to protect customer data.
What happened
Poste Vita S.p.a. failed to implement adequate security measures, allowing a third party to trick an employee into sharing sensitive personal data.
Who was affected
The affected person whose sensitive data was shared without their consent.
What the authority found
The Italian DPA ruled that Poste Vita S.p.a. did not take necessary steps to secure personal data, violating GDPR's requirements for data security.
Why this matters
This ruling emphasizes that companies must have strong security practices to protect personal data. Small businesses should review their security measures to prevent similar breaches.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Italian DPA has imposed a fine on Poste Vita S.p.a. The controller failed to implement adequate technical and organisational measures to ensure data security. This resulted in a third party successfully tricking an employee into forwarding sensitive personal data, which was then used against the data subject.
Related Enforcement Actions (0)
No other enforcement actions found for Poste Vita S.p.a. in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
10 July 2025
Authority
Garante per la protezione dei dati personali
Fine Amount
€80,000
Enforcement Tracker ID
ETid-2767
About this data
Cite as: Cookie Fines. Poste Vita S.p.a. - Italy (2025). Retrieved from cookiefines.eu
Last updated: