The EDBP points out that the sanctions granted so far are in most cases much lower than their maximum statutory amount. By May a total of 110 entities had been fined (including two Polish companies), and the average fine amounted to EUR 66,000. According to the EDBP, we may expect higher fines in the coming months.
In Poland, in May 2019, more than 160 acts were amended, including the Labour Code, in order to adjust them to the Code of Ethics. This put the companies before the obligation to adjust their processes to the new requirements and the need to systematically monitor personal data protection.
In the case of determining the level of sanctions, the authorities responsible for personal data protection take into account, among other things, the following:
Personal data protection
Contact our expert