In 2026, processing for marketing purposes has continued to be a central focus of enforcement activity by Italy’s Data Protection Authority (the Garante). Electronic marketing, teleselling, consent management and data retention periods have been scrutinised not in isolation, but as interconnected elements of broader commercial strategies that directly affect the rights and freedoms of data subjects. Telemarketing was included in the Garante’s inspection plan for the second half of 2025 specifically for the energy sector.(1)

Origin of the Verisure fine and nature of the complaints

The Garante’s €400,000 fine on 27 November 2025 on Verisure,(2) provider of professionally monitored smart alarm systems, related to improper direct marketing and consent handling. The fine stemmed from a complaint submitted to the Authority at the end of 2024, followed by a separate report submitted three months later by a different individual.