Italian Data Protection Authority: contracts concluded via telemarketing without original consent to receive promotional phone calls must be remedied.

The Italian Data Protection Authority has remarked important data protection principles in the context of telemarketing, including the following:

• without adequate control by contractors of the entire "chain" of operations leading from the original telemarketing contact to the conclusion of a contract, the contractor remains liable for the activities and wrongdoing committed by call centers and agencies;
• a contract acquired in breach of the data protection rules should not be registered in the platforms and systems of the principal, since the same would be originated by an unlawful act and in breach of Article 2-decies of the Italian Data Protection Code, according to which "Personal data processed in breach of the relevant rules on the processing of personal data may not be used..."
• in order to comply with the contractual will of the data subject (who - even if contacted illicitly - has then chosen to enter into the contract), a procedure of  verification is required: the client must be made aware of the original illicit (failure to acquire consent to receive the call or promotional contact on the basis of which the contract was then concluded) and asked to confirm his/her will in light of this information;
• principals, acquiring in their systems the personal data of individuals who, after being contacted, have joined the proposed offers, should take special guarantee measures in order to prove that such contracts originated from contacts made in full compliance with the provisions on the protection of personal data, in particular those in Articles 5, 6 and 7 of the GDPR relating to consent.