Klarna fined £574k over breaking EU GDPR rules

credit: Shutterstock
credit: Shutterstock

Buy Now, Pay Later (BNPL) powerhouse Klarna has been hit with a £574,000 (SEK 7.5m) fine over breaking the EU’s General Data Protection Regulation (GDPR) guidelines. 

Klarna had not complied with GDPR rules stemming from an incident in March 2022, where Sweden’s Administrative Court of Appeal ruled in favour of the Swedish Authority for Privacy Protection (IMY) found the BNPL firm to have mishandled customer personal data. 

The court ruling found Klarna to have failed in its responsibility to provide sufficient information regarding customer personal data as it was deemed that its privacy notes were unclear and/or difficult to access. 

Privacy notes between March and June 2020 were of particular focus of the IMY, as it was during this time period that Klarna failed to specify its customers on their personal data guidelines, although Klarna has updated its terms and conditions since then. 

GDPR outlines that companies must inform users and customers on how and why their personal data is being used. 

The fine has now been raised back to the original penalty of £574,000 after a lower Swedish court lowered the fine to £459,000 (SEK 6m).