Yoti has been fined 950,000 euros (roughly US$1.1 million) by Spanish data protection regulator AEPD for the handling of biometrics and other data within its digital identity app. The regulator has ruled Yoti violated three clauses of the EU’s General Data Protection Rule (GDPR).

Criteo, whose main establishment is in France, operates by displaying targeted advertising on websites managed by third parties. To do this, it collects and processes browsing data using connection trackers - cookies - from individuals located in France and other EU member states who visit partner websites.