REWE under pressure: Millions of penalty for Jö Bonus Club for data protection!

REWE under pressure: Millions of penalty for Jö Bonus Club for data protection!

The Jö Bonus Club, a customer loyalty program at REWE International AG, has been in the headlines in recent years due to repeated data protection violations. Founded in 2019, the program combines known brands such as ADEG, Billa, Bipa, Penny as well as several partner companies such as Allianz Versicherung and OMV. Participating members can collect “ÖS” for any purchase that can either be converted or donated into premiums. Rewe has significantly invested in the Jö Bonus Club to strengthen customer loyalty and increase sales, especially in an increasingly competitive market in which customer loyalty programs play a central role.

However, there are dark sides. According to the commercial register, the cumulative losses of the "Our Ö-Bonus Club GmbH" amounted to almost 28 million euros. An annual profit of 1.5 million euros was shown in 2023, but the repeated criticism of consumer and data protection officers harms the reputation of the program. In particular, the data protection authority grabbed hard, imposed a penalty of eight million euros on serious violations of the General Data Protection Regulation (GDPR) and as early as 2021 a further penalty of two million euros. These sums underline the urgency with which data protection issues in today's digital economy must be treated.

Details on the data protection violations

The current punishment affects alleged information deficiencies in terms of data use of over two million customers. According to [Kleine Zeitung] (https://www.kleinezeitung.at/Wirtschaft/608552/8-Million-euro_datenschutzbehoerde_abermals-millions penalty), REWE plans to take the decision, since she denies the responsibility for the data processing activities of the JÖ Bonus Club and emphasizes that the program acts legally and economically independently. It is also pointed out that no customer data from Jö will be sent to Rewe.

The data protection problem should not be underestimated because it brings with it both legal and economic consequences for the company. Experts emphasize that strict requirements for the GDPR must be observed in the design of customer loyalty programs such as the Jö Bonus Club. This includes data minimization, purpose binding and the consideration of the rights of those affected, which must be extensively informed as part of the program.

data protection and customer loyalty

Customer loyalty programs are designed to strengthen the binding of customers and to win new customers. Nevertheless, they are often complex and must be carefully adapted to the requirements of data protection. The Legal Smart emphasizes that the disregard of data protection law can have significant consequences, including high penalty payments. In particular, companies must ensure that the information obligations in accordance with GDPR are met and that customers have the opportunity to revoke their consent when it comes to sending marketing materials.

The Jö Bonus Club therefore faces both economic challenges and the need to take data protection issues seriously. The coming months will show how Rewe reacts to the existing problems and whether those responsible succeed in regaining the trust of customers.