Processing personal data in breach of the GDPR  may entail business, financial and reputational risks 

  • The supervisory authorities may carry out audit and issue warning or enforcement letter;
  • It may also serve fine of up to 20 million euros or 4% of the annual worldwide turnover whichever is higher.
  • Most of the Authorities' decisions and massive security breaches are reported in the media
  • Individuals must be notified of data breaches under certain circumstances
  • Customer relationship might suffer from non-compliance with data protection rules especially where  customer's data protection request is not handled properly (e.g. right of access, data portability etc.)
  • Customers' trust may be lost if customers' data is misused or lost