Amazon Europe Core S.à.r.l. – Fine (Luxembourg, 2021)

Fine
Commission Nationale pour la Protection des Données16 July 2021Luxembourg
overturned
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

Amazon's fine for data protection violations was overturned by a Luxembourg court. This matters because it shows that companies can challenge fines if they believe they were unfairly imposed. Small businesses should know they have the right to appeal decisions made against them.

What happened

A Luxembourg court revoked a fine imposed on Amazon for not processing personal data correctly.

Who was affected

Amazon Europe Core S.à.r.l., which was fined for data protection issues.

What the authority found

The court held that the data protection authority had not adequately considered whether the fine was appropriate and based it on objective liability alone.

Why this matters

This ruling indicates that companies can successfully contest fines if they believe the process was flawed. Businesses should be aware of their rights in such situations.

GDPR Articles Cited

AI-verified

Art. 5(1)(a) GDPR
Art. 6(1) GDPR
View original scraped data
Unknown

Original data from scraper before AI verification against source document.

Decision AuthorityLuxembourg Administrative Court
Reviewed AuthorityCNPD
Source verified 14 April 2026
articles corrected
amount discrepancy
Luxembourg enforcementCommission Nationale pour la Protection des Données actionsAll Amazon Europe Core S.à.r.l. actions
Full Legal Summary
Detailed

In its quarterly report, Amazon.com Inc. announced that the DPA from Luxembourg (CNPD) had fined Amazon Europe Core S.à r.l. EUR 746,000,000 for failing to process personal data in compliance with the GDPR. Amazon plans to take legal action against the decision. ---Update--- The Luxembourg Administrative Court overturned the DPA's decision, resulting in the fine being revoked. The court argued that the DPA had decided purely on a form of objective liability, failing to take fault into account. The DPA also failed to adequately assess whether the fine was appropriate.

Related Enforcement Actions (0)

No other enforcement actions found for Amazon Europe Core S.à.r.l. in LU

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

16 July 2021

Authority

Commission Nationale pour la Protection des Données

Enforcement Tracker ID

ETid-778

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Amazon Europe Core S.à.r.l. - Luxembourg (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: