In April, the video sharing platform was hit with a €530 million fine.
ADVERTISEMENT
The Irish Data Protection Commission (DPC) opened a new inquiry into TikTok’s transfers of EU users’ personal data to servers located in China after new information emerged, it said in a statement on Thursday.
The probe comes after the DPC issued a €530 million fine against the video sharing platform in April for failing to protect personal data of EU users when transferring it to China.
The watchdog said that during the investigation, TikTok claimed that transfers of EU users’ personal data to China took place by way of remote access only, and that the data was not stored on servers in China.
But TikTok subsequently told the DPC that it discovered in February 2025 that limited EU personal data had been stored in China, by contrast with its previous claims.
The DPC - the lead privacy watchdog in Europe for TikTok’s owner ByteDance - said in its decision that it is concerned about the inaccurate information provided and that it consulted other national data protection authorities about what regulatory steps to take.
The new investigation will determine whether TikTok has complied with its obligations under the General Data Protection Regulation (GDPR) in the context of third country transfers.
A spokesperson for TikTok said in a statement that the teams "proactively discovered" the issue.
"We promptly deleted this minimal amount of data from the servers and informed the DPC. Our proactive report to the DPC underscores our commitment to transparency and data security," the spokesperson said.
The EU has so-called adequacy agreements – which means that the regions acknowledge each others’ data protection frameworks -- with several countries such as the US, Switzerland and Argentina, but that list does not include China.
