Vinted, the second-hand specialist, has been fined over €2.3 million by the Lithuanian data protection authority following complaints, notably from France, declares the French data protection watchdog, CNIL.
The €2,385,276 penalty follows numerous complaints primarily concerning difficulties faced by individuals in exercising their right to data deletion, reports the National Commission for Computing and Freedoms.
The complaints began in France, Vinted’s main market in customer numbers, against the Lithuania-based company in 2020.
The French complaints were conveyed to the Lithuanian data protection authority, tasked to conduct investigations on this case and which sanctioned Vinted.
According to the CNIL, the platform failed to "fairly and transparently" process requests for personal data deletion.
The authority also blamed Vinted for implementing a "covert banning" system, deceptively making any user deemed malicious (not adhering to the platform’s rules) invisible to other users, unknowingly nudging them to leave the platform.
They consider this method to excessively infringe upon user rights.
Furthermore, Vinted was unable to demonstrate that it had adequately responded to customer requests for access to personal data.
The process was carried out in collaboration with Polish, Dutch, and German authorities, adds CNIL.
Established in Vilnius in 2008 by Lithuanians Justas Janauskas and Milda Mitkute, the Vinted platform is available via a mobile app or an internet browser and has about 50 million active monthly users worldwide.
