Show all guides
Europe
GDPR

TikTok fined €530 million for GDPR violations over data transfers to China

Last update:
Apr 6, 2025

Ireland’s Data Protection Commission (DPC) fined TikTok €530 million (around $601 million) for transferring European user data to China in a way that doesn’t comply with the GDPR transparency requirements. Since the European Commission has not issued an Adequacy Decision regarding data transfers to China, organizations are required to ensure the protection of user data.  

The Commissioners for Data Protection’s decision includes, in addition to the substantial fine, an order suspending TikTok’s data transfers to China, unless the company can demonstrate full compliance with the law within six months. 

During the investigation, it was also revealed that user data has been stored on servers located in China. TikTok reported this discovery, which contradicts earlier company reports, and deleted the data. However, further regulatory steps may still follow.

The full guidelines can be found
here

Related Guides

France joins Austria in ruling that the use of Google Analytics violates the GDPR

May 17, 2022

Following the determination by the Austrian data protection authority (DPA) that the continuous use of Google Analytics violates the GDPR, the French data protection authority, or the Commission nationale de l’informatique et des libertés (CNIL) reached a similar conclusion....
Europe
GDPR

EU-US Draft Adequacy Decision Finally Arrives

December 15, 2022

After years of deliberation, the EU and US finally have a draft adequacy decision in place for free data flows between the nations.
Worldwide
GDPR
The information provided on this website does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only