H&M Hennes & Mauritz GBC AB – €30,000 Fine (Sweden, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
H&M was fined €30,000 for sending marketing messages to people who had opted out. This case is significant because it shows that companies must respect users' choices about receiving marketing. Small businesses should ensure they have proper systems to manage opt-out requests.
What happened
H&M sent marketing messages to individuals despite them exercising their right to object.
Who was affected
Six individuals who opted out of receiving marketing messages from H&M were affected.
What the authority found
The Swedish DPA found that H&M did not have adequate procedures in place to handle opt-out requests from users.
Why this matters
This ruling emphasizes the need for businesses to implement effective systems for managing user preferences. Companies should prioritize respecting user choices to avoid penalties.
GDPR Articles Cited
The Swedish DPA has imposed a fine of EUR 30,000 on H&M for sending out marketing messages, despite the fact that data subjects had exercised their right to objection. Six data subjects had filed a complaint against the controller with the DPA. The DPA found that the controller did not have sufficient systems and procedures in place to facilitate data subjects exercising their right to object to direct marketing.
Related Enforcement Actions (0)
No other enforcement actions found for H&M Hennes & Mauritz GBC AB in SE
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
17 October 2023
Authority
Integritetsskyddsmyndigheten
Fine Amount
€30,000
Enforcement Tracker ID
ETid-2070
About this data
Cite as: Cookie Fines. H&M Hennes & Mauritz GBC AB - Sweden (2023). Retrieved from cookiefines.eu
Last updated: