Data subject against COMET S.P.A. – Court Ruling (Italy, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A customer asked Comet S.P.A. for details about how her personal data was used for marketing, but the company didn't respond. The court in Bologna emphasized the importance of protecting personal data rights, highlighting that data protection is crucial in today's market-driven world. This case reminds businesses to take customer data requests seriously and comply with data protection rules.
What happened
Comet S.P.A. failed to respond to a customer's request for information about the use of her personal data.
Who was affected
The customer who requested information about her personal data usage for marketing purposes.
What the authority found
The court highlighted the importance of protecting personal data rights and emphasized that businesses must respect these rights even in a market-driven context.
Why this matters
This case underscores the need for businesses to comply with data requests and highlights the broader importance of data protection in the digital economy. Companies should ensure they have processes in place to handle such requests promptly.
A data subject made an access request to Comet s.p.a., the controller, to verify the lawfulness of the processing of her personal data for marketing purposes. In particular, she requested the information provided for in Article 15(1)(a) and (h) GDPR, and a copy of the personal data in possession of the controller. The controller did not respond to the request. Therefore, the data subject appealed to the Tribunal of Bologna, requesting an order for the fulfilment of her right under Article 15 GDPR. She stated that the controller must (have) processed her personal data, since she had a 'loyalty card' from the controller and documentation relating to the purchase of a smart TV (receipt and financing contract). The Court held that it was becoming increasingly crucial to protect people's rights when it comes to the processing of their personal data, especially from an economic standpoint. In doing so, it is necessary to remember that protecting people's fundamental rights cannot be sacrificed in favour of the interests of the market alone. The Court recalled that the GDPR, although known as the Privacy Regulation, actually has a far wider scope of application that extends beyond and individual's right to privacy, which is historically linked to their most private sphere. While the liberal concept of privacy requires essentially refraining from something for its protection, the current conception of privacy has an interactive and dynamic nature. It particularly concerns personal data and their circulation. The right to data protection is the cornerstone of the (positive) freedom to fully control the flow of an individual's own data. It is distinct from the (negative) freedom not to be interfered with in an individual's own private sphere. This is also, and above all, in the logic of market regulation covered by the GDPR. The Court added that it was sufficient to say that the Economist' described personal data as the new 'most valuable resource', i.e. the new oil. The
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Data subject against COMET S.P.A. in IT
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Data subject against COMET S.P.A. - Italy (2022). Retrieved from cookiefines.eu
Last updated: