20 biggest GDPR fines so far [2025] - Data Privacy Manager

Data Privacy Manager·January 24, 2020·fine

Companies Mentioned

Company	Date	Regulation	Amount (USD)	Type
Google	2025-09-01	GDPR	$135,000,000	consent
Google	2025-09-01	GDPR	$351,000,000	consent
Criteo	2023-06-15	GDPR	$43,200,000	consent
Meta Platforms	2023-05-22	GDPR	$1,296,000,000	transfer
Meta Platforms	2023-05-22	GDPR	$1,296,000,000	Failure to implement sufficient measures to ensure information security
Meta Platforms	2022-11-25	GDPR	$286,200,000	Failure to implement sufficient measures to ensure information security
Meta Platforms	2022-09-05	GDPR	$437,400,000	children
Meta Platforms	2022-09-05	GDPR	$437,400,000	Failure to comply with data processing principles
Google	2022-05-18	GDPR	$10,800,000	Non-compliance with lawful basis for data processing
Google	2022-01-06	GDPR	$10,800,000	consent
Meta Platforms	2022-01-04	GDPR	$421,200,000	Failure to comply with data processing principles
Google	2021-12-31	GDPR	$64,800,000	Non-compliance with lawful basis for data processing
Google	2021-12-31	GDPR	$97,200,000	Non-compliance with lawful basis for data processing
Meta Platforms	2021-09-02	GDPR	$243,000,000	consent
Meta Platforms	2021-09-02	GDPR	$243,000,000	Non-compliance with lawful basis for data processing
Vodafone Italia S.p.A	2020-11-12	GDPR	$13,231,729	Multiple
Google	2020-03-11	GDPR	$7,560,000	Failure to comply with data processing principles
Google	2019-01-21	GDPR	$54,000,000	Several