Details:
| Summary | The Swedish DPA has imposed a fine of EUR 720,000 on Klarna Bank AB. Klarna is a financial company that processes a large number of personal data in various ways. As part of its investigation, the DPA found that Klarna had not properly complied with its information obligations. For example, Klarna did not provide sufficient information on its website about the purpose and legal basis for the processing of personal data. In addition, with regard to the transfer of data to Swedish and foreign credit agencies, Klarna provided incomplete information about the recipients of the personal data. Klarna also failed to provide information about third countries where personal data is transferred to. Finally, the DPA found that Klarna insufficiently informed data subjects about their rights under the GDPR. |
| Link: | link link |
| Related articles: | Art. 5 (1) a) GDPR, Art. 5 (2) GDPR, Art. 12 (1) GDPR, Art. 13 (2) f) GDPR, Art. 14 (2) g) GDPR |
| Type: | Insufficient fulfilment of information obligations |
| Fine: | EUR 720,000 |
| Sector | Finance, Insurance and Consulting |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/