WhatsApp rewrites its Europe privacy policy after a record €225 million GDPR fine

WhatsApp is appealing the fine, which it called "disproportionate"
WhatsApp is appealing the fine, which it called "disproportionate" Copyright Mourizal Zativa / Unsplash
By Tom Bateman with AP
Share this articleComments
Share this articleClose Button
Copy/paste the article video embed link below:Copy to clipboardCopied

Users of the messaging app will be notified of the changes but won't have to take any action, the company said.


WhatsApp has rewritten its privacy policy for European users after being handed a record €225 million fine by Irish data protection regulators earlier this year.

The new policy, published on Monday, includes more detail about how the Meta-owned company collects and uses customer data, how it is stored and when it is deleted.

The messaging service also said it had added more detail on "why we share data across borders," as well as the legal bases for processing users' information.

WhatsApp users in the European Union and United Kingdom will receive a notification directing them to the updated information, but will not have to take any other action.

"This update does not change the way we operate our service, including how we process, use or share your data with anyone, including our parent company Meta," WhatsApp said.

The chat service said that while it disagreed with the decision, it had to comply by updating its policy while it appeals the ruling.

Why was WhatsApp fined?

WhatsApp's Dublin-based European subsidiary was fined by Ireland's Data Protection Commission (DPC) in September for violations of the stringent GDPR regulations that govern data sharing in the EU.

In its decision, the DPC found that WhatsApp had not been transparent enough about the way it handled users' data.

This meant that the messaging service had not provided enough information about how data was collected "in a concise, transparent, intelligible and easily accessible form, using clear and plain language," the DPC said.

The Irish regulator also imposed a reprimand along with an order for WhatsApp to bring its processing into compliance by taking "a range of specified remedial actions".

WhatsApp is currently appealing against the ruling. In September the company said the fine it received was "entirely disproportionate".

The €225 million penalty is the largest ever handed out by the DPC, and the second-biggest issued under GDPR, after a €746 million fine given to Amazon by authorities in Luxembourg.

Share this articleComments

You might also like