American Express Services Europe Limited – €105,300 Fine (United Kingdom, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The UK fined American Express for sending over 4 million marketing emails to people who had opted out. AMEX wrongly labeled these as 'servicing' emails, but they were actually marketing messages. This matters because it shows companies can't bypass consent rules by mislabeling emails.
What happened
American Express sent 4,098,841 marketing emails to people who had opted out of receiving them.
Who was affected
Subscribers who had opted out of receiving marketing emails from American Express.
What the authority found
The ICO found that AMEX violated UK data protection rules by sending marketing emails without proper consent.
Why this matters
This case highlights the importance of correctly categorizing emails and respecting user consent. Businesses should ensure they have clear consent before sending marketing messages, as mislabeling can lead to significant fines.
National Law Articles
Entities Involved
The case involved sending direct marketing emails to subscribers who had opted out, unrelated to cookies or consent mechanisms.
Violations (1)
Non-essential cookies (tracking, advertising) are placed on the user's device before obtaining valid consent.
Art. 6(1) GDPR
Related Enforcement Actions (0)
No other enforcement actions found for American Express Services Europe Limited in UK
This is the only recorded action for this entity in this jurisdiction.
Similar Cases
Enforcement actions with similar violations
Details
Fine Date
17 May 2021
Authority
Information Commissioner's Office
Fine Amount
€105,300
90,000 GBP
GDPRhub ID
gdprhub-3494About this data
Cite as: Cookie Fines. American Express Services Europe Limited - United Kingdom (2021). Retrieved from cookiefines.eu
Last updated: