Excerpt from Finextra Article, Published on Mar 13, 2024

In a recent ruling, a Swedish court of appeal has upheld a fine of $733,000 against Klarna for breaching the EU’s General Data Protection Regulation (GDPR). The fine was imposed by the Swedish Authority for Privacy Protection (IMY) in March 2022 due to Klarna’s failure to adequately inform customers about its data storage practices.

The initial penalty of SEK 7.5 million ($733,000) stemmed from Klarna’s use of privacy notes between March and June 2020, which were deemed insufficient in providing clarity to consumers regarding their personal data. Klarna contested the decision, citing ambiguity in the privacy notes, and subsequently appealed the fine. Despite Klarna’s objections, the Administrative Court of Appeal recently reaffirmed the original fine, overturning a prior ruling that had reduced the penalty to SEK 6 million. This decision marks a significant setback for Klarna, a major player in the online payment industry.

When approached for comment, a spokesperson for Klarna informed Reuters that it is “too early to comment” on the court’s ruling. The outcome of this case underscores the importance of compliance with GDPR regulations, particularly concerning transparency and accountability in handling personal data.

This legal saga serves as a reminder to businesses operating within the EU or handling EU citizens’ data that adherence to GDPR standards is not optional. With data privacy concerns at the forefront of consumer consciousness, companies must prioritize robust data protection measures to avoid substantial penalties and safeguard their reputation.

To delve deeper into this topic, please read the full article on Finextra.