TikTok has been fined €530 million ($601 million) for violating EU personal data protection rules by transferring data to China, an Irish regulator said on Friday.
The Irish Data Protection Commission (DPC) said TikTok breached the European Union's General Data Protection Regulation (GDPR) by sharing European user data with China, and violated the bloc's transparency requirements.
TikTok can still appeal the penalty, which in addition to the fine requires it to adapt its data processing to comply with EU rules within six months.
During the investigation, the video-sharing app said it did not store any user data from Europe on servers in China, but in April admitted that this had happened to a limited extent, the DPC said.
DPC deputy chief Graham Doyle said TikTok was unable to guarantee that data from European users accessed by employees in China was protected in the same way as it was in the EU, as required by GDPR.
TikTok's parent company ByteDance is based in China.
