Digital Policy Alert logo

Luxembourg: CNPD issues EUR 746 million fine for Amazon's breach of GDPR rules by using personal data without consent

Policy overview

Description

CNPD issues EUR 746 million fine for Amazon's breach of GDPR rules by using personal data without consent

On 15 July 2021, the National Commission for Data Protection (Commission national pour la protection des données - CNPD) fined Amazon with a sanction of EUR 746 million for not complying with the EU General Data Protection Regulation (GDPR). Amazon allegedly used personal data without consent. The fine was publicly disclosed by Amazon in its quarterly results and confirmed by the CNPD later without the authority commenting on the matter. The full ruling is expected after the appeal deadline passes. Amazon however has the possibility to appeal the decision before the administrative tribunal within 3 months after the ruling.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
platform intermediary: e-commerce
Implementation Level
national
Government Branch
executive
Government Body
data protection authority

Complete timeline of this policy change

Hide details
2021-07-15
in force

On 15 July 2021, the National Commission for Data Protection (Commission national pour la protectio…

2025-03-18
in force

On 18 March 2025, the Administrative Court of Luxembourg confirmed the decision of the National Dat…

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.