Klarna fined over £570,000 for GDPR violations

Buy Now, Pay Later (BNPL) pioneer Klarna has been handed a SEK7.5 million (£574,000 fine) for violating the EU's General Data Protection Regulation (GDPR) rules.

On Monday, Sweden's Administrative Court of Appeal ruled in favour of the Swedish Authority for Privacy Protection (IMY), formerly the Swedish Data Protection Agency (SDPA), which said in March 2022 that Klarna had not complied with GDPR rule around how it informs users about its handling of their personal data.

The court concluded that Klarna failed to give clients sufficient information about how it would store their personal data and that the privacy notes were unclear or difficult to access. The case specifically related to privacy notes used between March and June 2020, though Klarna has since updated those terms and conditions.

GDPR compels companies to inform users and clients about how and why they handle personal data, including ‘the right to be forgotten' where individuals can make a request for erasure verbally or in writing.

Monday’s ruling restores the fine to the full amount originally sought by the SDPA after a lower court last year reduced the fine to SEK6 million (£459,000).

A spokesperson for the company told Reuters that it was “too early to comment” on the ruling. In response to the original report in 2022 Klarna said that the case revolved around the privacy information provided to clients, and that it had nothing to do with its actual data collection or handling processes.



Share Story:

Recent Stories


Safeguarding economies: DNFBPs' role in AML and CTF compliance explained
Join FStech editor Jonathan Easton, NICE Actimize's Adam McLaughlin and Graham Mackenzie of the Law Society of Scotland as they look at the role Designated Non-Financial Businesses and Professions (DNFBPs) play in the financial sector, and the challenges they face in complying with anti-money laundering and counter-terrorist financing regulations.

Ransomware and beyond: Enhancing cyber threat awareness in the financial sector
Join FStech editor Jonathan Easton and Proofpoint cybersecurity strategist Matt Cooke as they discuss the findings of the State of the Phish 2023 report, diving into key topics such as awareness of cyber threats, the sophisticated techniques being used by criminals to target the financial sector, and how financial institutions can take a proactive approach to educating both their employees and their customers.

Click here to read the 2023 State of the Phish report from Proofpoint.

Cracking down on fraud
In this webinar a panel of expert speakers explored the ways in which high-volume PSPs and FinTechs are preventing fraud while providing a seamless customer experience.

Future of Planning, Budgeting, Forecasting, and Reporting
Sage Intacct is excited to present FSN The Modern Finance Forum’s “Future of Planning, Budgeting, Forecasting, and Reporting Global Survey 2022” results. With participation from 450 companies around the globe, the survey results highlight how organisations are developing their core financial processes by 2030.