Hello, I have a GDPR related question about SPAM email. I got a spam email from some random company which I haven't used any services from and I didn't give them my information. And on the bottom of the email, it says something like "if your unsubscribe link doesn't work, please send us an email...Related to local regulations, this email can't be treated as SPAM because it includes contact information about the sender and you have the option for unsubscribing". I checked the local (Croatian) law, and it says something like that companies can use contact information from their users/customers/ in the cause of sales, promotion with the possibility of unsubscribing. I never gave them my contact information. How could we look at this from the EU GDPR context?
What you are describing is commonly referred to as unsolicited marketing. The EU GDPR states that for marketing you need to obtain the consent of the data subject. Also, the ePrivacy Directive imposes additional constraints if you market by telephone, email or fax.
For example, you can only send direct marketing to someone by email if:
- they have given you consent; or
- you have an existing relationship with them and fall within the so-called similar products and services exemption
Unless one of the two criteria apply I would suggest to file a complaint to your local Supervisory Authority.