IP - 0712-1/2019/2725
|IP (Slovenia) - 0712-1/2019/2725|
|Relevant Law:||Article 58(3) GDPR|
Article 49(1)(g) ZVOP
Article 2 ZInfP
|National Case Number/Name:||0712-1/2019/2725|
|European Case Law Identifier:||n/a|
|Original Source:||Informacijski Pooblaščenec (in SL)|
The Slovenian DPA (IP) issued a non-binding opinion as foreseen under Article 58(3) GDPR regarding spamming e-mails to Slovenian company, which were sent by a travel agency without any prior registration.
English Summary[edit | edit source]
Facts and questions arising[edit | edit source]
A Slovenian company asked the IP whether a travel agency was allowed to send spams to the company's e-mail "info@..." since it hasn't registered to receive such e-mails.
Holding[edit | edit source]
The IP found that the protection of personal data refers to the processing of personal data which relate to an individual. Data relating to an entity are not considered to be personal and, therefore, the data protection rules do not apply to them. In this sense, there is no need for prior informed consent in such cases.
Finally, the IP advised the company to refer its complaint to the competent Agency for Communication Networks and Services (AKOS).
Comment[edit | edit source]
Share your comments here!
Further Resources[edit | edit source]
Share blogs or news articles here!
English Machine Translation of the Decision[edit | edit source]
The decision below is a machine translation of the original. Please refer to the Slovenian original for more details.
Search engine according to GDPR Date: 02/04/2020 Title: Question about sending messages without prior registration Number: 0712-1 / 2019/2725 Subject matter: Direct marketing, sweepstakes, Telecommunications and mail Legal act: Opinion The Information Commissioner (hereinafter referred to as IP) has received an e-mail from you stating that the designated travel agency "spam" the Slovenian domain "info @" without first registering on the mailing list. Accordingly, you are interested in whether they are allowed to do this. On the basis of the information you have provided, hereinafter referred to as Article 58 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and Directive 95/46 / EC (hereinafter referred to as the General Data Protection Regulation or Regulation), point 7 of the first paragraph of Article 49 of the Personal Data Protection Act (Official Gazette RS, No. 94/07, officially consolidated text, hereinafter ZVOP-1) and Article 2 of the Information Commissioner Act (Official Gazette of the Republic of Slovenia, No. 113/05, hereinafter ZInfP), we provide our non-binding opinion regarding your question. IP explains that the protection of personal data refers to the processing of personal data, with personal data being data that point to an individual. Data relating to a legal entity and other business entities (eg e-mail email@example.com) are not protected personal data, therefore they are not subject to the rules of personal data protection. Prior informed consent is therefore not required in such a case. Corporate marketing rules are governed by the Electronic Communications Act (ZEKom-1) and the Electronic Commerce Market Act (ZEPT). The provisions of ZEKom-1 and ZEPT are overseen by the Agency for Communications Networks and Services (AKOS) and the Market Inspectorate of the RS (TIRS). If you believe that this is a violation of the rules of law, you can report directly to AKOS.