Swedish-based music streaming giant Spotify has been fined R99.6 million for not properly informing its users of how they use their collected data.
According to the Swedish Authority for Privacy Protection (IMY) it had reviewed “how Spotify handles customers’ rights of access to their personal data”.
“As a result of the shortcomings identified, IMY is imposing a fine of 58 million kronor (R99.6 million) on the company.”
Although Spotify did hand out the data it had when an individual user requested it, the company had not been specific enough as to how that data was being used.
According to the rules of the European data protection act (GDPR), individual users have the right to know what data a company has about them and how that data is being used.
“Since the information provided by Spotify has been unclear, it has been difficult for individuals to understand how their personal data is processed and to check whether the processing of their personal data is lawful.”
Although the “shortcomings” are not that severe, the fine amount was based on Spotify’s revenue and user count.
Spotify has announced that it plans to appeal the IMY’s decision.
Image credit: NYOB