Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'FTC can investigate data retention practices that are inconsistent with stated privacy policies under FTC Act Section 5.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Data Retention clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Data Retention clauses across approximately 39 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Data Retention — Klarna

Share 𝕏 Share in Share 🔒 PDF

What it is

Klarna keeps your personal data for as long as needed to provide services and meet legal requirements, with financial and transaction data potentially kept for up to 10 years.

Consumer impact (what this means for users)

Your transaction history and financial data may be retained by Klarna for up to 10 years, limiting the practical effect of a deletion request for data subject to legal retention obligations.

Cross-platform context

See how other platforms handle Data Retention and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

A 10-year retention period for financial transaction data means detailed records of your purchases and payment behavior remain with Klarna for a significant period, even after you close your account.

View original clause language

We retain your personal data for as long as necessary to provide our services, comply with our legal obligations, resolve disputes, and enforce our agreements. The specific retention period depends on the type of data and the purpose for which it was collected. Financial and transaction data may be retained for up to 10 years to comply with accounting and regulatory requirements.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: GDPR Art. 5(1)(e) requires data minimization and storage limitation; retention must be justified by specific legal obligations or legitimate purposes. Swedish Accounting Act requires retention of financial records for 7 years. EU Anti-Money Laundering Directive (AMLD5/6) requires retention of transaction records for 5 years. UK Companies Act requires similar retention. CCPA/CPRA does not mandate specific retention periods but requires disclosure of retention practices.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

FTC can investigate data retention practices that are inconsistent with stated privacy policies under FTC Act Section 5.
File a complaint →

Provision details

Document information

Document

Klarna Privacy Policy

Entity

Klarna

Document last updated

April 29, 2026

Tracking information

First tracked

April 27, 2026

Last verified

April 27, 2026

Record ID

CA-P-003483

Document ID

CA-D-00166

Evidence Provenance

Source URL

https://www.klarna.com/us/privacy/

Wayback Machine

View archived versions →

SHA-256

bfbac757c06748a3aa551a759cd3abf415605416813542dd2a529a21bc5bd714

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: Klarna | Document: Klarna Privacy Policy | Record: CA-P-003483
Captured: 2026-04-27 13:38:29 UTC | SHA-256: bfbac757c06748a3…
URL: https://conductatlas.com/platform/klarna/klarna-privacy-policy/data-retention/
Accessed: May 2, 2026

Classification

Severity

Medium

Data Retention