PARIS, Global fast-fashion giant Shein has been hit with a hefty €150 million (RM761 million) fine from France’s data protection authority for violations of the European Union’s General Data Protection Regulation (GDPR).
The Commission Nationale de l’Informatique et des Libertés (CNIL) announced the penalty after investigations revealed that Shein failed to adequately safeguard customer data and did not comply with key GDPR requirements.
According to CNIL, the company’s practices exposed millions of European users to privacy risks, including insufficient measures to prevent data breaches and lapses in providing customers with clear information about how their personal data was collected and used.
The fine represents one of the largest penalties issued by CNIL in recent years, highlighting Europe’s tougher stance on protecting consumer privacy and holding companies accountable for mishandling personal data.
Shein, which has seen rapid growth across Europe in recent years, said it is reviewing the authority’s decision and will continue to strengthen its data protection policies.
The case underscores increasing scrutiny faced by global tech-driven retailers operating in Europe, where regulators have stepped up enforcement of data privacy rules under GDPR.
