The Spanish Data Protection Agency (AEPD) has fined a company 5,000 euros for continuing to send advertising and commercial communication to a client who twice requested cancellation.
The AEPD has ratified the fine after rejecting the appeal filed by the sanctioned company since it has yet to provide new facts or arguments that would allow the validity of the fine imposed to be reconsidered.
The client registered on the company’s website to place an order, at which point she accepted all the general purchasing conditions, the privacy policy, the newsletter subscription, and associate offers.
Shortly after, she requested to unsubscribe to stop receiving advertising information. She received confirmation that the unsubscription had been carried out “correctly,” but she continued to receive more advertising in her email.
The woman again requested the unsubscription, but she received more commercial emails, so she wrote an email to the company asking that she not be sent any more advertising.
The client brought the facts to the attention of the Spanish Data Protection Agency (AEPD), which resolved the matter by imposing a financial penalty of 5,000 euros on the company.
The company appealed the sanction, alleging that the section on its privacy policy page explains how to request unsubscription and indicates to which email the client should have sent the request to suspend the subscription, an email address to which the client did not write but rather wrote to another email that only sends commercial communications but in no case receives information.
Therefore, given that the client incorrectly requested unsubscription under the provisions of her data policy, she was not unsubscribed. Months later, when she finally unsubscribed, she contacted the company through the contact email enabled for customers, in which she informed us of her desire to end the subscription to the newsletter and commercial communications.
However, the AEPD has rejected the company’s appeal since no new evidence was provided to reconsider the validity of the sanction.
The Agency states that, from the copies of the advertising emails received by the claimant, none of them include the email address that the appellant alleges is the correct one to proceed with the cancellation. However, what does appear in those advertising emails sent to the client is the option to click on the link at the end of them to cancel the subscription.
The client used that link with the term ‘unsubscribe‘ to exercise her right to object to receiving more emails of this type. The company, in response, confirmed the unsubscription with the message: “You have been unsubscribed correctly.” This confirmation further supports the client’s actions and the argument for reconsideration.
For all these reasons, the AEPD has proven that the client tried, at least on two occasions, to unsubscribe through the existing mechanism in the emails received, obtaining an affirmative response if she had succeeded. Likewise, it has also been proven that she sent an email informing of her desire to stop receiving commercial communication.
With all this, we reiterate the importance of a data protection policy implemented correctly and transparently. This is crucial for avoiding sanctions from the AEPD and maintaining trust with our clients. (source E&J)
Leave A Comment
You must be logged in to post a comment.