In a landmark ruling, Swedish payments giant Klarna has been fined 7.5 million crowns ($733,000) for breaching the European Union’s GDPR.
According to Reuters, The Court of Appeal in Sweden found Klarna guilty of not providing clear and accessible information regarding the storage of personal data of its users. This decision underscores the stringent regulatory environment companies must navigate in handling user data and the hefty penalties for non-compliance.
Klarna, a leading player in the FinTech sector known for its buy now, pay later services, was scrutinized for its privacy notices between March and June 2020. The court highlighted that these notices were either unclear or difficult for clients to access, thereby violating GDPR requirements. The GDPR mandates that companies must transparently inform users about the handling of their personal data, including collection, usage, and storage specifics.
The ruling follows an audit conducted by the Swedish Data Protection Agency (SDPA), focusing on the adequacy of privacy information Klarna provided to its clients in 2020. While Klarna has updated its privacy notes since then, the court’s decision to impose the original fine sought by the SDPA, overturning a lower court’s decision for a reduced fine, signifies the importance of compliance with data protection laws.
A Klarna spokesperson commented on the ruling, stating, “We have just received the court’s decision, and it is too early to comment.” This response indicates the company’s cautious approach as it assesses the implications of the court’s decision.
The case against Klarna serves as a potent reminder of the critical importance of GDPR compliance for companies operating within the EU. It also highlights the ongoing challenges faced by FinTech companies in balancing innovative financial solutions with rigorous data protection standards.
Copyright © 2024 RegTech Analyst
Copyright © 2018 RegTech Analyst