Amazon Europe Core S.à.r.l. – Fine (Luxembourg, 2021)

Fine
Commission Nationale pour la Protection des Données16 July 2021Luxembourg
overturned
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

A Luxembourg court overturned a massive fine against Amazon for not complying with data protection rules. The court found that the data protection authority had not properly considered whether Amazon was at fault. This decision is crucial for companies facing similar penalties, as it emphasizes the need for fair assessments.

What happened

The court revoked a €746 million fine against Amazon, stating the data protection authority failed to assess fault appropriately.

Who was affected

The ruling affected Amazon Europe Core S.à.r.l., which was fined for alleged data protection violations.

What the authority found

The court held that the fine was inappropriate because the authority did not adequately evaluate Amazon's level of responsibility.

Why this matters

This case sets a precedent for how fines are assessed in data protection cases, highlighting the importance of considering intent and fault. Companies should ensure they understand the basis for any penalties they face.

Source verified 14 April 2026
articles corrected
amount discrepancy
Luxembourg enforcementCommission Nationale pour la Protection des Données actionsAll Amazon Europe Core S.à.r.l. actions
Full Legal Summary
Detailed

In its quarterly report, Amazon.com Inc. announced that the DPA from Luxembourg (CNPD) had fined Amazon Europe Core S.à r.l. EUR 746,000,000 for failing to process personal data in compliance with the GDPR. Amazon plans to take legal action against the decision. ---Update--- The Luxembourg Administrative Court overturned the DPA's decision, resulting in the fine being revoked. The court argued that the DPA had decided purely on a form of objective liability, failing to take fault into account. The DPA also failed to adequately assess whether the fine was appropriate.

Related Enforcement Actions (0)

No other enforcement actions found for Amazon Europe Core S.à.r.l. in LU

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

16 July 2021

Authority

Commission Nationale pour la Protection des Données

Enforcement Tracker ID

ETid-778

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Amazon Europe Core S.à.r.l. - Luxembourg (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: