Aimag S.p.A. – €300,000 Fine (Italy, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Aimag S.p.A. was fined EUR 300,000 for not properly securing customer login procedures and consent for promotional messages. This means their customers' data was at risk. Businesses must ensure they have strong security and clear consent processes to protect user information.
What happened
Aimag S.p.A. was fined for insufficient security in their customer login process and inadequate consent for promotional communications.
Who was affected
Customers of Aimag S.p.A. who used the service to view their consumption data on the company's website.
What the authority found
The Italian DPA ruled that Aimag S.p.A. did not comply with GDPR requirements for data security and user consent.
Why this matters
This ruling emphasizes the need for companies to have secure login processes and clear consent mechanisms. Failing to do so can lead to significant fines and risks to customer data.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The Italian DPA has imposed a fine of EUR 300,000 on Aimag S.p.A. The controller offered its customers a service that allowed them to view their consumption data on the controller's website, but the log-in procedure was insufficient. The way the controller gained consent for the use of promotional messages was also inadequate.
Related Enforcement Actions (0)
No other enforcement actions found for Aimag S.p.A. in IT
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
27 November 2025
Authority
Garante per la protezione dei dati personali
Fine Amount
€300,000
About this data
Cite as: Cookie Fines. Aimag S.p.A. - Italy (2025). Retrieved from cookiefines.eu
Last updated: