Vodafone – €40,000 Fine (Greece, 2023)
Vodafone received a fine of EUR 40,000 for sharing a customer's call records with another person. This mistake happened because they didn't handle the request properly and also failed to report the issue quickly. This case highlights the importance of protecting customer information and responding to data requests correctly.
What happened
Vodafone mistakenly provided another customer’s call records to an individual who requested access to their own records.
Who was affected
Customers whose call records were mishandled by Vodafone.
What the authority found
The Hellenic Data Protection Authority found that Vodafone violated data protection rules by not properly managing personal data requests.
Why this matters
This ruling emphasizes that companies must take data protection seriously and act quickly when mistakes happen. It serves as a reminder for businesses to improve their data handling practices.
GDPR Articles Cited
Entities Involved
The Hellenic DPA has imposed a fine of EUR 40,000 on Vodafone. An individual had filed a complaint with the DPA because, following a request for access to records of conversations with a Vodafone call center, Vodafone had provided them with another customer's conversations. Vodafone in addition failed to report this incident to the DPA in a timely manner.
Violations (1)
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Related Enforcement Actions (2)
Other enforcement actions involving Vodafone in GR
Fine
€40K
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
20 February 2023
Authority
Hellenic Data Protection Authority
Fine Amount
€40,000
Enforcement Tracker ID
ETid-1767
GDPRhub ID
gdprhub-5818About this data
Cite as: Cookie Fines. Vodafone - Greece (2023). Retrieved from cookiefines.eu
Last updated: