It is now 2020 and the GDPR has been in effect for almost 2 years. Many companies thought: been there, done that. And for a while the regulators let some time go by.
The first warnings appeared quickly enough. Eg; in September 2018, the French regulator warned a company that they needed to get consent of their customers for getting geolocation based data.
That same month, an airline was hacked and, on top of the reputational damage and costs to fix the IT systems, it faced the threat of a stiff fine.
Even though we not have really noticed, fines started being imposed as early as January 2019.
Wrong! The fines are levied in a number of cases. And to make it difficult to estimate, there are guidelines that will shape the decision making process, but no hard and fast rules!
The GDPR is very complex and consists of both articles and associated recitals that you need to be in compliance with. it is amuch about the letter as it is about the spirit.
We have a clear view on what most of those cases are.
And more importantly, when you follow our guidelines, you will be well placed to answer any questions by your clients and cooperate with the regulator in a proactive way.
They will never come after me. I'm too small.
And besides, I have my privacy policy and cookie notice in place
Company size has nothing to do with it.
While in the beginning, it seemed mostly a game for the big players (for names, you have to contact us) that is just perception.
As early as March 2018 a €10M revenue company was fined around €120,000. 2 days later another company with operating revenues of around €6.2M was fined close to €200.000 for failing to abide by the DSRR stipulatons.
Don't know what these are?
Fill out the form below and we'll let you in on the good stuff.