The most common question on the GDPR is what to expect if you don’t comply with the GDPR? The answer is very simple, you would have to face numerous penalties and fines, which will depend on the nature of the breach.
The GDPR became famous for introducing a new tired fine policy, which means that the amount of fine will be determined by the severity of the non-compliance and personal data breaches.
Chapter 8 of the GDPR introduces the two levels of fines and factors influencing them:
- The first level refers to the less serious violations, such as having improper records of users’ data, which can be fined a maximum of 2% of company’s annual global turnover, or €10 million.
- The second level refers to the most severe infringement, such as violations of basic principles for data processing. The maximum fine a company can receive is 4 % of its annual worldwide turnover or €20 million, whichever is higher.
In any case, the penalty for non-compliance with the GDPR is now very high. Thus it is important to do everything necessary upfront to ensure that your company’s activities are aligned with the EU GDPR from Day 1.