Thursday, July 09, 2026

Eni's response


Over the past few days, we have seen that, in July 2024, I submitted a formal request for rectification to Eni's Data Protection Officer (DPO) concerning the document "Questions & Answers before the General Shareholders' Meeting 2017", pursuant to Article 16 of the General Data Protection Regulation (GDPR).

The request was straightforward.

It asked that certain statements contained in that document be examined in light of the documentary evidence gathered over more than two decades.

On 22 August 2024, I received ENI's official response.

The Company rejected my request for rectification in its entirety.

According to the response issued by Eni's DPO, the purpose of the 2017 document was to record the questions submitted by shareholders and the Company's answers before the General Shareholders' Meeting.

For that reason, the DPO concluded that:

📌 "The information contained therein must be considered accurate, as it faithfully reflects the discussions held during the Ordinary General Shareholders' Meeting".

That response became the Company's principal justification for keeping the document published since 2017 unchanged.

However, after carefully examining that reasoning, I identified what I considered to be a fundamental issue.

The document "Questions & Answers before the General Shareholders' Meeting" does not record the discussions that took place during the General Shareholders' Meeting.

It contains only the questions submitted in advance by shareholders and the answers prepared by the Company before the meeting took place.

That issue became the turning point in this case.

Rather than continuing to debate the matter directly with Eni, I filed a formal complaint with The Italian Data Protection Authority(GPDP), the authority responsible for enforcing the GDPR in Italy.

Tomorrow, we will examine exactly why this distinction became one of the central issues in the proceedings currently pending before The Italian Data Protection Authority (GPDP).

Because, from this point forward, the documents speak for themselves.

To be continued on Friday.


✅ Learn more

1️⃣ Request for Rectification submitted to Eni's Data Protection Officer (2024);

2️⃣ Eni's Response (22 August 2024);

3️⃣ Complaint submitted to The Italian Data Protection Authority (GPDP).

Wednesday, July 08, 2026

Eni's Data Protection Officer


Yesterday, we saw that, since 2017, an official document containing
Eni's institutional version of the Flinto Case has remained publicly available on the Company's website.

But the issue has never been the existence of that document.

The issue has always been its content.

Over the years, after gathering dozens of documents produced by Eni itself, by Brazilian and Italian public authorities, and by independent third parties, it became evident that part of the statements contained in that document were inconsistent with the available body of documentary evidence.

It was precisely for this reason that I submitted my request for rectification to
Eni's Data Protection Officer (DPO).

My objective was never to remove that document.

My objective was simply to request that certain statements be examined in light of the available documentary evidence.

Among them:

📌 "The former employee was dismissed together with other individuals guilty of unlawful conduct..."

🔹 In my request for rectification, I asked that this statement be examined against the chronology of events and the decisions issued by the Brazilian authorities, including the Brazilian Labour Court.

📌 "...for reticence..."

🔹 I requested that this statement be assessed in light of the documents produced during Eni's internal investigations and the other records available regarding the case.

📌 "...for breaching his duty of confidentiality..."

🔹 I also requested that this statement be examined in light of the existing documentary evidence and the actual sequence of events.

📌 "...for attempting to misuse Eni's Code of Ethics in order to obtain personal advantages from the Company"

I requested that this statement be examined together with Eni's own Code of Ethics and the documents that had been submitted to the Company over more than two decades.

These four statements subsequently became the core of the discussion presented to Eni's Data Protection Officer (DPO) and later to The Italian Data Protection Authority (GPDP).

Tomorrow, we will see how ENI responded to my request for rectification.

And why that response ultimately led to the complaint filed before The Italian Data Protection Authority (GPDP).

Because, from this point forward, the documents speak for themselves.

To be continued on Thursday.