FREE GDPR Helpline
Call +44 (0) 208 133 2545
There will be two levels of fines based on the GDPR. The first is up to €10 million or 2% of the company’s global annual turnover of the previous financial year, whichever is higher. The second is up to €20 million or 4% of the company’s global annual turnover of the previous financial year, whichever is higher. The potential fines are substantial and a good reason for companies to ensure compliance with the Regulation.
The Parliament had requested for fines to reach €100 million or 5% of the company’s global annual turnover. The agreed fines are the compromise that was reached.
Fines for infringements will be considered on a case-by-case basis and will take a number of criteria into consideration, such as the intentional nature of the infringement, how many subjects were affected and any previous infringements by the controller or processor.
The lower level of fine, up to €10 million or 2% of the company’s global annual turnover, will be considered for infringements listed in Article 83(4) of the General Data Protection Regulation.
This includes infringements relating to:
The higher level of fine, up to €20 million or 4% of the company’s global annual turnover, will be considered for infringements listed in Article 83(5) of the General Data Protection Regulation.
When deciding whether to impose a fine or the amount to be paid as a fine, the following will be taken into consideration for each individual case:
If a controller or processor makes several infringements, the total amount of the administrative fine will not exceed the fine for the most serious infringement for the same or linked processing operations.
Member States will also have the ability to apply penalties for infringements to the GDPR. The Member State will be responsible for implementing such penalties, which must be effective, proportionate and dissuasive.
Separate to these fines and penalties, individuals will have the right to claim compensation for any damage suffered as a result of violating the GDPR.
One of the biggest points to note about the General Data Protection Regulation is the potential of massive fines. It is certainly an eye-opener. But how much will the first
When the pub chain JD Wetherspoons recently announced that it had fixed its GDPR problem by deleting their customer data base, it caused a collective sigh of desperation amongst the
With just over one year to go before the GDPR Regulation is enacted most organisations who are doing something about
Downloadable transcript. Tomer Weingarten, CEO of SentinelOne on the Need for Change Interviewed by Tom Field, VP of Editorial for
One year after “Apple vs. FBI,” British Home Secretary Amber Rudd this past weekend slammed Silicon Valley social networking firms,
Digital transformation is not a new subject. Technology driven evolution of business to develop more efficient ways of interacting with
Data breaches are more than a security problem. A significant attack can shake your customer base, partner relations, executive staff,
Many organisations transfer personal data across borders to both EU and non-EU recipients. The EU General Data Protection Regulation (“GDPR”)
PDF Outline: Any organisation, based inside or outside the EU, dealing with the data of EU individuals will be impacted
Research from Capgemini highlights a striking dichotomy between the views of consumers and banking insiders about levels of security in
Three quarters of organisations plan to expand their data protection capabilities with encryption as GDPR deadline looms. The study polled