Shein was fined 150 million

By: Trademagazin Date: 2025. 10. 01. 10:51

🎧 Hallgasd a cikket: Nyelv: Sebesség: 1.05×

In early September, the French data protection authority issued a precedent-setting decision: it fined Shein’s Irish subsidiary for serious violations of cookie and user consent rules. The decision goes far beyond a single fine and is a warning that cookie data protection regulations must be taken seriously. An expert from Jalsovszky Law Firm draws the lessons.

The French case

Sill Abigél

The French data protection authority conducted an audit in August 2023 regarding the cookie management practices of the Chinese online retailer Shein. As a result, on September 1, 2025, the company was fined a significant amount of 150 million euros. The investigation revealed several violations related to Shein’s use of cookies and the obtaining (or rather, not obtaining) of users’ consent. Some cookies – including advertising and tracking cookies – were already placed on users’ devices at the moment the website was opened, before anyone could interact with the so-called cookie panel used to record cookie consent. Some cookies were also loaded even if visitors explicitly rejected cookies using the “Reject All” option or later withdrew their consent, and in some cases new cookies were even installed. The cookie panel itself did not provide sufficient information about the purposes of the cookies, especially those for advertising purposes, and did not clearly identify the third parties involved.

When imposing the fine, the authority emphasized that Shein had the necessary technical and human resources to ensure compliance, but it nevertheless acted negligently. The scale of the breach was also significant: Shein’s website attracted around 12 million unique visitors per month in France. The €150 million fine represents around 2% of the group’s 2023 European revenues, making it clear that non-compliance poses a significant financial risk for companies of similar size and reach to a similar number of consumers.