menu close EventsNewsContact Us
English
EnglishPolish
search close
Global Site close
  • Americas
  • Asia Pacific
  • Europe
  • Middle East and Africa
ArgentinaArubaBahamasBarbadosBoliviaBrazilCanadaCayman IslandsChileColombiaCosta RicaCuracaoDominican RepublicEcuadorEl SalvadorGuatemalaHondurasMexicoPanamaParaguayPeruPuerto RicoSaint MartinSurinameUnited StatesUruguayVenezuela
AfghanistanAustraliaCambodiaChinaFrench PolynesiaHawaiiHong KongIndiaIndonesiaJapanMacauMalaysiaMaldivesMongoliaMyanmarNepalNew ZealandPakistanPhilippinesSingaporeSouth KoreaSri LankaTaiwanThailandVietnam
AlbaniaAndorraArmeniaAustriaAzerbaijanBelgiumBulgariaCroatiaCyprusCzech RepublicDenmarkEstoniaFinlandFranceGeorgiaGermanyGreeceHungaryIrelandItalyKazakhstanLatviaLiechtensteinLithuaniaLuxembourgMaltaMoldovaNetherlandsNorwayPolandPortugalRomaniaSerbiaSlovakiaSloveniaSpainSwedenSwitzerlandTajikistanTurkeyUkraineUnited KingdomUzbekistan
AlgeriaAngolaBahrainCameroonCentral African RepublicCôte d’IvoireEgyptGhanaIraqJordanKenyaKuwaitLebanonLiberiaMaliMauritiusMoroccoMozambiqueNigeriaOmanQatarSaudi ArabiaSenegalSeychellesSierra LeoneSouth AfricaTanzaniaTogoTunisiaUgandaUnited Arab EmiratesYemenZimbabwe
English
EnglishPolish
Services
close Services
Services
IndustriesInsights
About Us
close About Us
About Us
Careers
close Careers
Careers
EventsNewsContact Us
search close
GDPR fines Crowe

Violations of GDPR - previous fines

8/7/2019
GDPR fines Crowe
According to the report of the European Data Protection Board (EDPB), in 2019 further penalties are expected for violation of GDPR. By May, out of over 200,000,000 reported personal data security breaches from 31 European countries, just over half of them had been investigated by national data protection authorities (52%).

The EDBP points out that the sanctions granted so far are in most cases much lower than their maximum statutory amount. By May a total of 110 entities had been fined (including two Polish companies), and the average fine amounted to EUR 66,000. According to the EDBP, we may expect higher fines in the coming months.

In Poland, in May 2019, more than 160 acts were amended, including the Labour Code, in order to adjust them to the Code of Ethics. This put the companies before the obligation to adjust their processes to the new requirements and the need to systematically monitor personal data protection.

In the case of determining the level of sanctions, the authorities responsible for personal data protection take into account, among other things, the following:

  • the number of victims and the extent of damage
  • the purpose and scope of the processing of the data breached
  • nature of the infringement (unintentional or intentional)
  • corrective action taken
  • cooperation with the national data protection authorities (UODO or its equivalents in other countries)
  • whether the product or service has already been protected in terms of data protection at the design stage
  • whether the data were protected both technically and procedurally.

Find out if your company is GDPR compliant

Find out

Personal data protection

Learn more about how we can support you

Contact our expert

Nasz Zespół
Nasz Zespół