Uber Technologies Inc. Uber B.V. – €10,000,000 Fine (Netherlands, 2023)

€10,000,000Autoriteit Persoonsgegevens11 December 2023Netherlands
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The Dutch DPA has fined Uber Technologies Inc. and Uber B.V. EUR 10 million for failing to provide sufficient information about the storage period of European drivers' data and the countries outside of the EU to which the data was transferred. The DPA also found that Uber made it unnecessarily difficult for drivers to request access to their data. Although there was a digital form in the app that drivers could use to request access, it was not placed in an easily accessible position. In addition, Uber did not respond to the requests of data subjects in a comprehensible manner. In determining the amount of the fine, the DPA took into account the size of the company and the severity and scope of the infringements. At the time of Uber's infringements, around 120,000 drivers were working for Uber in Europe.

GDPR Articles Cited

AI-verified

Art. 12(1) GDPR
Art. 13(1)(f) GDPR
Art. 13(2)(a) GDPR
View original scraped data
Art. 12(1) GDPR
(2) GDPR
Art. 13(1)(f) GDPR
Art. 13(2)(a) GDPR
b) GDPR

Original data from scraper before AI verification against source document.

Source verified 4 March 2026
date discrepancy
Netherlands enforcementAutoriteit Persoonsgegevens actionsAll Uber Technologies Inc. Uber B.V. actions
Full Legal Summary

The Dutch DPA has fined Uber Technologies Inc. and Uber B.V. EUR 10 million for failing to provide sufficient information about the storage period of European drivers' data and the countries outside of the EU to which the data was transferred. The DPA also found that Uber made it unnecessarily difficult for drivers to request access to their data. Although there was a digital form in the app that drivers could use to request access, it was not placed in an easily accessible position. In addition, Uber did not respond to the requests of data subjects in a comprehensible manner. In determining the amount of the fine, the DPA took into account the size of the company and the severity and scope of the infringements. At the time of Uber's infringements, around 120,000 drivers were working for Uber in Europe.

Related Enforcement Actions (0)

No other enforcement actions found for Uber Technologies Inc. Uber B.V. in NL

This is the only recorded action for this entity in this jurisdiction.

Details

Fine Date

11 December 2023

Authority

Autoriteit Persoonsgegevens

Fine Amount

€10,000,000

Enforcement Tracker ID

ETid-2199

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Uber Technologies Inc. Uber B.V. - Netherlands (2023). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: