Klarna under investigation by UK regulator for ‘unsolicited’ emails
Klarna has been reported to the UK’s data regulator for sending “unsolicited” marketing emails.
The Information Commissioner’s Office (ICO) is investigating claims that the Swedish buy now, pay later (BNPL) giant sent its newsletter to people who had never used its services.
Some of the claimants shared their dismay on Twitter, asking why and how the fintech had obtained their details.
“Now why would @Klarna have ‘accidentally’ sent me their newsletter when I have never used their services. Who sold them my email?” tweeted Christine Armstrong, one of the recipients.
Admission of guilt?
Klarna followed the initial message with a second email apologising to recipients.
It also promised them that they had not been added to a marketing database.
“The email is evidence that companies are collecting our data and they’re not visible to us,” said Armstrong.
“Klarna only revealed themselves by making a mistake, but it raises a lot of questions about where our data is stored and where it goes.”
The start-up later issued a statement. “At no point has customer data been compromised and the data has been used in line with our terms and conditions and our privacy notice.”
Impact of a GDPR breach for Klarna
Klarna claims to have around 8.6 million customers in the UK. If it has flouted general data protection regulation (GDPR), the firm could face a hefty fine.
Klarna could be slapped with a penalty of up to 4% of its annual revenue. It made SEK 7.2 billion ($740 million) 2019. This means a fine could look as big as $29.6 million.
Between January and June 2020, the fintech operated at a negative profit of $62.98 million. That’s six times the losses it made in the same period last year.
But despite widening losses, the fintech’s year-on-year growth sits at 37%. Its biggest customer growth this year has incidentally been in the UK, as well as the US.
The fine print
The UK’s data protection watchdog says “numerous people” made it aware of the marketing email Klarna sent out.
“Businesses should only contact individuals for electronic marketing purposes where consent is provided or, in limited circumstances, where they have an existing relationship,” says the ICO.
A spokesperson for Klarna has since come out to clarify Klarna’s policy around GDPR.
“Whenever anyone uses Klarna’s checkout technology they agree to the terms and conditions and our privacy notice, which allows Klarna to promote its products and services to them.”
So Klarna’s marketing team does have access to these email addresses. The fintech also says: “Consumers normally do not receive newsletters unless they have opted in or downloaded our app.”
Add it to the list
Klarna is under investigation from Advertising Standards Authority (ASA), due to claims its marketing drives young people into debt without making them aware of the risks involved.
And the Financial Conduct Authority’s interim chief executive, Chris Woolard, opened an investigation into unregulated credit providers – including Klarna – last month too.
Campaigners think BNPL firms like Klarna should come under the Consumer Credit Act, which forces lenders to conduct extensive affordability checks on all borrowers.